While there is no cyber security threat level mechanism in the UK similar to the terror-related Threat Level, the UK’s National Cyber Security Centre (NCSC) recently joined international partners in sharing mitigation advice against Russian state-sponsored and criminal cyber threats.
The advisory is published jointly by the NCSC – a part of GCHQ – and the UK’s National Crime Agency, alongside agencies in the US, Australia, Canada and New Zealand (the so-called “Five Eyes’ intelligence alliance)
The advisory is available to read in full on the US Cybersecurity and Infrastructure Security Agency’s (CISA) website, and provides technical details on the threat to critical infrastructure from Russian state-sponsored cybercriminals.
In the light of recent Russian belligerence and the fear that its well-established hackers will target Western IT infrastructure, the advisory urges those responsible for critical infrastructure networks, in particular, to prepare for and mitigate potential cyber threats—including destructive malware, ransomware, DDoS attacks, and cyber espionage—by hardening their cyber defences and performing due diligence in identifying indicators of malicious activity.
The advisory urges organisations to implement the following actions to immediately protect against Russian state-sponsored and criminal cyber threats:
• Patch all systems. Prioritize patching known exploited vulnerabilities.
• Enforce multifactor authentication.
• Secure and monitor Remote Desktop Protocol and other risky services.
• Provide end-user awareness and training.
I have written extensively in the past on the need for organisations to take cyber security seriously, and have noted that improperly specified, installed and maintained electronic security systems present an open back door for hackers.
Our clients rely on us to provide robust systems designed to resist cyber-attacks, and to this end, we have invested in the skills, certifications and technical infrastructure necessary to deliver on our promise to keep our clients’ systems safe.
As such, I would urge anyone reading the four immediate calls to action above to give us a call if any one of these vital measures can’t be determined. Outside of ensuring your electronic security system is secure, if you want advice on wider cyber security issues we are also lucky to have a sister business whose sole concern is cyber security: give me a call if you need to be put in touch with one of their experts!
Finally, on the back of a very successful day at Mercedes Benz World recently, we will be holding another of our innovation days soon over the summer– Please feel free to contact me to secure your place.
Stay safe!
