Cyberwarfare against the Ukraine places businesses on high alert

Following reports that Russia has initiated cyberwarfare techniques against the Ukraine, businesses around the globe are now on high alert and facing the real prospect of an increase in cyber-attacks.

According to a Reuters news report, large financial institutes are preparing for ransomware and malware attacks, denial-of-service attacks, data-wiping and theft. Following the move by the United States move to block some Russian banks from the SWIFT international payment system, tensions are mounting and many banks are preparing for potential attacks.

We are working with our security partners to monitor the situation and wider risk in order to offer the appropriate guidance and information to our customers. Our current recommendations echo that of financial institutions, including Natwest – to implement Cyber Essentials as a minimum standard.

Cyber Essentials is a Government backed and industry supported scheme assisting businesses in protecting themselves against cyber-attacks. Involving a combination of practical steps and training, organisations can progress to Cyber Essentials Plus where an assessment is conducted and formal certification awarded.  Cyber-Essentials, although a critical step in your IT roadmap that we can assist with, is not an overnight solution.

CE-logo

Microsoft has also identified Malware threats and recommend carrying out assessments, reviewing authentication activity for remote access infrastructure and enabling MFA (Multi-Factor Authentication).

Some quick-to-implement solutions we’d recommend include:

  1. Communicate with your employees. Ask them to be extra vigilant – they play a key role in keeping your business secure
  2. Be skeptical. Changes to financial recipient information should be verified
  3. Double-check links. Does the url in the email or web address match the organisation domain sending the communication
  4. Spelling check. Simple changes, typos or hyper-links to familiar web or email addresses can be fraudulent
  5. Ensure the latest updates are installed on all systems and applications
  6. Run a dark web scan
  7. Implement MFA (Multi-Factor Authentication)
  8. Utilise a password management solution, such as Last Pass

If you’d like to review your current security position and look at the solutions available to suit your business, please get in touch for us to deliver a security assessment and action plan tailored to your business.