The Ukrainian Conflict and Rising Cyber Threats

The Ukrainian Conflict and Rising Cyber Threats

Over the last few weeks, we have all been watching the escalating and unprovoked attack on Ukraine by Russia. With an increase in sanctions from the UK and a significant escalation in hostile cyber-attacks, these two events are most definitely related. To counter the threat, the National Cyber Security Centre (the public face of the National Intelligence Agency GCHQ) have urged all UK organisations to follow their guidance on actions to take during times of a high cyber threat.

During the past 14 days, our clients have seen a 212% increase in spear-phishing attacks in comparison to early January and February’s figures. Along with this, we have also seen a 300% rise in attempted ransomware attacks through Remote Desktop Protocols (RDP). This is a popular target for hackers, as it provides initial access to their target’s computer.

In the type of attacks that we have seen there has been some particularly nasty malware and ransomware attacks from the Hermetic Wiper, Whisper Gate and SaintBot malware families. Combined with an increase in Ransomware as a Service and the Russian Government’s utilisation of crypto currency to bypass sanctions on the Russian Banking sector, the UK’s cyber resilience is being put to the test.

In the current cyber climate, it can sometimes feel overwhelming to know how to proceed. We have been asked many times over the past few weeks “What can I do to help protect our business at this time?”. To protect yourselves, we have come up with the following ten steps to ensure that you are doing all that you can:

  1. Take the Advice - Read and refer to the NCSC’s recent advice on preparing for a cyber-attack. We would also recommend speaking to your region’s Cyber Resilience Centre. You can find their contact details here.
  2. Understand your Risk – Identifying your Cyber Risks provides you with the knowledge of where your organisation is most vulnerable. Our Cyber Operational Business Risk Audit (COBRA) provides a full cyber risk profile, which highlights the key risks and recommends solutions to these vulnerabilities.
  3. Protection - Ensure that your anti-virus and/or anti-malware capabilities are up to date. KryptoKloud’s recommendation is to include an up-to-date Endpoint Detection and Response capability (Speak to us to find out more)
  4. Preparation, Preparation, Preparation – Review and test your incident response and recovery plans, along with your data backup procedures. This would be an ideal time to ensure that you have identified your organisation’s critical data.
  5. Patch it Up ­– Make sure that your software and patch management is up to date. This is not only for your operating system, but any 3rd party applications and/or services that you utilise.
  6. Lock & Key - Use Multifactor Authentication (MFA) and Network Segregation, along with Password Management.
  7. The “IT” Factor – Review your network infrastructure to discover potential vulnerabilities and single points of failure. If this is something that you are thinking about outsourcing or would like advice on best practice, our friends at Sempervox are a leading IT Managed Service Provider who can assist.
  8. Question Everything – Vigilance is one of your best weapons against Phishing and Spear-Phishing campaigns. Prepare your team through simulated phishing campaigns and cyber training. Our Cyber Security Basic for Staff Course is designed to provide an overview and actionable steps, so that your team can provide an extra line of cyber defence to protect your organisation.
  9. Lean on your Experts...or Ours – In an ever-changing and highly technical world, in-house cyber security specialists are becoming a necessity for organisations of all sizes. If this is not feasible for your size or organisation structure, our KryptoSOC 360 XDR and KryptoGuard provide a layered defence which is monitored 24/7 by our team of specialist cyber analysts.
  10. Ensure you are Insured – Make sure that your cyber insurance fits the needs of your organisation by conducting a review of your coverage. If you want an expert eye to review your current coverage, our friends at The Wilson Organisation are highly experienced and knowledgeable when it comes to your cyber insurance.

Many of our team come from a military background, with a few who were on the frontline during the last time that the UK stood up against Russian aggression. In the digital age, the frontline has changed and consequently, so have the challenges. Here at KryptoKloud, our goal is to stand with your team on the ‘Digital Frontline’.