The National Cyber Security Centre (NCSC) has issued a warning to companies to bolster their defences in light of Russia’s recent cyber attacks on the Ukraine. Cyber attacks are a very useful offensive tool to use alongside conventual warfare as they are able to disrupt key systems within a country, such as power and telecommunications. The UK’s potential involvement in any conflict makes the country a more likely target for sophisticated nation state-level attacks targeting companies that may provide services that support, or themselves are considered, critical national infrastructure.
However, the warning goes above and beyond and is advising every company to strengthen their cyber defences. The NCSC is advising companies to become more cyber resilient, which is a term that the UK government are also using in their “Government Cyber Security Strategy 2022-2030” document. Cyber resilience is not just about your protective controls such as firewalls and anti-virus. It’s also making sure you have the ability to detect that a cyber attack is occurring, and having the ability to respond in a manner that increases your chances of stopping the attack and minimising disruption and reputational damage. Should the worst happen and an attack successfully breaches the defences and disables the computer network, a resilient organisation should be able to recover their data quickly and efficiently. The NCSC advice goes into detail on how companies should increase their cyber resilience given the heightened threat at this time. The advice is that organisations should consider speeding up their deployment of cyber defences, and if any risk-based decisions have been made to not increase defences, that these decisions are revisited in light of the increased threat.
This threat and the subsequent advice from the NCSC should be taken very seriously. Ransomware especially is a considerable threat to any organisation and in the hands of a nation state with incredibly sophisticated cyber-attack capabilities can be used to cause massive disruption to computer networks, effectively crippling the company’s ability to function. These attacks can be weaponised to such an extent that they will easily bypass the defences of companies that are not prepared.
There are a number of actions you can take internally to help, such as patching of key systems and ensuring any internet-facing systems are protected by Multi-Factor Authentication. Your organisation should not be running any internet-accessible systems that are just using a username and password. This means not only the VPN or Office 365 logins you use to work remotely, but also any file sharing services, HR apps, CRM software and any other SaaS applications that you may be using.
There are several ways in which Falanx Cyber can help too with regard to the NCSC’s recommendations. Our primary recommendation is to use our Triarii Managed Detection and Response (MDR) service to detect and respond to attacks in real time. This can block even nation state level attacks, including ransomware that is designed to disrupt systems. Alongside our MDR, you can perform a quick assessment of both your own security and your key suppliers using f:CEL, which shows you the hacker’s view of your organisation and how likely you are to be successfully targeted. Any weak areas can then be further checked with our penetration testing services. We can also help your staff in detecting suspicious emails and other attempted cyber attacks by running engaging and entertaining training sessions at your offices or remotely.
Contact us now for more information.