Oliver Pinson-Roxburgh

CEO and Co-Founder

2nd March 2022

Russian hackers targeting UK businesses

Cyberwarfare is a present-day threat when conflict between two nations develops, with cyber attacks targeting government departments, banks and communication networks, alongside a military invasion. Threats can disable computer systems, spread disinformation, or be used for espionage, all of which can extend beyond the feuding nations.

As the Ukrainian crisis deepens, UK organisations could be caught in the crossfire as hackers scour servers for vulnerabilities to exploit. We discovered an increase in malicious cyber activity and attacks emanating from Russia on 20th January 2022, involving Russian-based IP addresses that were targeting the UK’s financial institutions and scanning them for vulnerabilities. Of course, any weaknesses detected by hackers are an opportunity to conduct more debilitating attacks, such as the DDoS attacks on Ukrainian organisations on February 15th and 16th that were attributed to Russian hackers. Any NATO sanctions imposed on Russia since its invasion of Ukraine may trigger retaliatory cyber attacks on NATO allies, including the UK. So, it’s paramount that businesses strengthen their cyber resilience against potential threats that may arise from the conflict and exercise good cyber security practice.

UK businesses warned to strengthen their cyber defences

The National Cyber Security Centre (NCSC) has given a stark warning to organisations to strengthen their cyber defences since the DDoS attacks on Ukraine, and ahead of any forthcoming cyber attacks. The Cybersecurity and Infrastructure Security Agency (CISA) also issued ‘Shields Up’ guidance to all organisations in the US with recommendations to increase their cyber security posture. The guidance includes advice for organisations on how to reduce the risks of a data breach by maximising their cyber resilience, taking swift action to detect cyber intrusions, and preparing incident response teams ahead of potential attacks.

Defense.com has already noticed some of our customers in the financial and insurance sectors being targeted with attempted attacks since the rise in tensions between Russia and Ukraine. When threat levels are raised, it’s advised to be proactive in securing systems to reduce exposure and minimise the risk of a cyber attack. Here are some fundamental actions organisations should prioritise to ensure their security posture is robust:

Actions to avert cyber security risks

Assess your vulnerabilities

Assess and prioritise vulnerabilities that need to be fixed immediately and could have the biggest impact on the organisation if exploited. Consider the costs and availability of resources required to fix issues to avoid prolonged system downtime. For a more comprehensive assessment of your threat landscape, a penetration test will enable you to understand where your vulnerabilities lie and provide guidance on how to fix any flaws before a threat actor can take advantage of them.

Review your access controls

Stronger access controls should be implemented to prevent unauthorised access to your IT network. If third parties have access to your systems or cloud, it is essential you understand their level of privilege and what they can access to safeguard against the threat of a breach that impacts your data. Every employee should understand the importance of strong passwords and how critical these are to the security of business and personal data. Implementing multi-factor authentication (MFA) is advised to further strengthen your security posture and reduce the risk of hackers gaining access to privileged accounts.

Incident response plan

The damage from a cyber attack can be minimised with a well-structured incident response plan. If you already have an incident response plan in place, ensure that it is up to date, the roles and responsibilities of key personnel are clearly defined, and that both the escalation methods and contact details for key stakeholders are listed and accurate.

System patching

Manage your risk by ensuring all devices, operating systems, and applications are patched. Unpatched systems are at risk of being exploited by hackers using known vulnerabilities. If systems and applications are not updated, businesses are highly susceptible to cyber attacks and data breaches.

Back up data

Regularly back up data to protect against cyber threats such as malware and ransomware. Storing backup data offline, for example, is a way of isolating it from its live environment while keeping it protected from cyber attacks. This means that any cyber security incident threatening your live environment will not affect the backup data, giving you greater peace of mind that business-critical data can be restored in the event of a cyber attack.

Brief your organisation

Inform your employees and wider organisation, including partners, customers, and third-party suppliers, on how current events could pose a risk to the business and what the company is doing to protect business-critical and customer data. This will give all stakeholders greater peace of mind that your business is proactive in dealing with potential threats and that your cyber security is robust.

A proactive approach to stay ahead of the hackers

The increase in Russian-related cyber activity detected early this year, which is likely to grow following Russia’s invasion of Ukraine, is a signal for organisations to secure their networks and data before more cyber attacks begin to surface. Strong cyber security resilience is key to safeguarding your network and infrastructure against cyber threats. Following these key approaches and reviewing your existing security policies and procedures will help you to mitigate current cyber security risks and stay one step ahead of the hackers.
