natanaelginting - stock.adobe.co
Prepare for long-term cyber threat from Ukraine war, says NCSC
The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams
As Russia’s war on Ukraine drags into its fourth month, with no sign of a ceasefire or resolution, the UK’s National Cyber Security Centre (NCSC) has told UK organisations to buckle up and prepare for the long haul.
The organisation has published refreshed guidance aimed at supporting staff resilience during the war, and is the latest in a series of interventions made by the UK’s cyber agency to help organisations bolster their security defences in response to the conflict.
While the NCSC maintains there is no indication of a specific cyber threat to the UK from Russia, it believes the general threat remains heightened and organisations should not let their guard down.
The cyber element of the war has already spilled over into other European countries, most recently in the form of substantial distributed denial of service (DDoS) attacks conducted against targets in Lithuania and Norway by threat actors supportive of the Putin regime.
In an interview with Computer Weekly, NCSC CEO Lindy Cameron, named today as the UKtech50 most influential person in UK technology for 2022, said that Ukraine’s attitude to preparedness should be a model for UK organisations.
“The better prepared that organisations are, the less scary it is and the better they are able to recover. We have seen this with Ukraine. One of the reasons that Ukraine has survived a significant onslaught has been that they knew what to expect and they were prepared for it,” she said.
Today’s new guidance lays out eight steps for sustaining a strengthened security posture when systems, processes and the workforce remain under pressure, focusing more on staff welfare as a contributor to overall resilience.
It is designed to be as equally applicable to any period of sustained threat, not just the one arising from Ukraine, and advises in particular that organisations pay attention to the workloads they are putting on their security teams – overextending them can harm wellbeing and lead to lower productivity, and allow unsafe behaviours and errors to creep in.
The recommended actions include paying attention to the basics of security; revisiting risk-based decisions that may have been taken at the onset of the Ukraine war; empowering security staff to make day-to-day decisions on response without needing oversight; spreading workloads better across teams and making sure security staff get sufficient breaks; and accelerating any planned action to harden networks or otherwise boost defences.
Paul Maddinson, NCSC director for national resilience and strategy, said: “From the start of the conflict in Ukraine, we have been asking organisations to strengthen their cyber defences to help keep the UK secure, and many have done so.
“But it’s now clear that we’re in this for the long haul and it’s vital that organisations support their staff through this demanding period of heightened cyber threat.
“We have produced new guidance to help organisations do this, and I would encourage them to follow our advice to help sustain their strengthened cyber posture.”
Read more about the NCSC’s work in the Ukraine conflict
- UK authorities have attributed the 24 February cyber attack on the network of satellite comms company Viasat to Russia.
- Thanks to a combination of prior experience and global support, Ukraine’s defences against cyber incidents are holding strong in the face of Russian attacks.
- NCSC issues refreshed guidance on organisations’ usage of technology and services of Russian origin, but stops short of advising users to expunge all Russian IT.