Russia – Ukraine Cyber Security

Cyber security has never been more important due to the ongoing conflict in Ukraine. Due to this the National Cyber Security Centre (NCSC)continues to call on organisations in the UK to bolster their online defences. 


While the NCSC is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, there has been a historical pattern of cyber attacks against Ukraine with international consequences. HermeticWiper, a wiper malware used against Ukrainian organisations, also has the potential to impact organisations outside of Ukraine. Wiper malware can erase data from the hard drive of an infected computer. 


The steps that the NCSC recommend are divided in to 4 areas. The first is balancing cyber risk and defence. This means there is a need to strike a balance between the current threat, the Ukraine/Russia conflict, the measures needed to defend against it, the implications and cost of these defences and the overall risk it presents to your organisation. 


The second area to look at is factors affecting your organisation’s cyber risk. This can change if new information emerges of a heightened threat level. This may be due to a temporary uplift in the attacker’s capability. An example of this would be a zero-day vulnerability (a known bug in a commonly used piece of software with no patch), in a widely used piece of software that capable hackers are actively exploiting. 


The third area is to look at the actions you can take. This will include the following: 

  • Check your system patching.
  • Verify access controls – passwords etc.
  • Ensure defences are working – antivirus software, firewall rules.
  • Logging and monitoring.
  • Review your backups.
  • Incident plan.
  • Check your internet footprint – IP addresses, vulnerability scan.
  • Phishing response – staff training.
  • Third party access – minimise.


The fourth area is advanced actions.  This would be to create a Cyber Assessment Framework More information on how to do this can be found here  

Your cyber security is equivalent to an insurance policy and due to the Ukraine/Russia conflict it has never been more important for this to be in place.