Following the escalation in the conflict in western Ukraine, the Russian government and their proxies are using numerous new methods to attack.
An escalation in cyberwarfare has seen a number of Ukraine government and critical infrastructure sites come under DDoS (Distributed Denial of Service) and potential Ransomware attacks.
Experts at Crossword Cybersecurity are among the voices warning organisations and business across the UK to stay fully amid the climate of heightened risk, in the wake of successful attacks on IT infrastructures in Ukraine. Nodes and devices can be compromised and used as command and control centres to infect companies in the countries that are seen by Russia as aggressors.
While UK-based organisations may be aware of the potential for attacks, cyber analysts and cyber engineers at Crossword say they have increased their threat intelligence indicators to be more sensitive to potential malware and DDOS origins. They have seen an increase in reconnaissance scanning, which is often a precursor to potential DDOS attacks.
The National Cyber Security Centre (NCSC) and other government agencies across the globe have recommended that companies harden their cybersecurity measures.
More practical steps that firms can take today to mitigate risk, include:
- Lessen your external footprint, such as services open to the internet like RDP servers
- Improve staff awareness: remind your staff not to click on links, as the attacks will be destructive, and looking to cause damage rather than extort money
- Make sure backups are up to date, and take a copy of them offline
Phil Ashley, Managing Director, Crossword Labs, said:
“As the conflict between Russia and Ukraine intensifies, the international community will continue to bring in greater sanctions.
“With each iteration of sanctions, we can expect Russia to retaliate with more cyberattacks across the globe as its primary means of attempting to destabilise infrastructure and companies of countries in the west. UK companies need to take this threat seriously and consider it an immediate concern,” Ashley added.
FinCrime Sanctions 2022
The GRC World Forums inaugural Sanctions and Compliance 2022 virtual event has been designed for those working in global sanctions compliance, internal audits and investigations, international trade, banking, insurance, forensic accounting, and white-collar crime to discuss how best to overcome Sanctions related challenges and provide roadmaps to successful strategy implementation and management of your sanctions and compliance programme.