UK organisations should urgently consider reinforcing their cyber security defences in response to the developing international crisis in Eastern Europe, which has already seen an unknown group or groups conduct cyber attacks against targets in Ukraine with the destructive WhisperGate malware.
The UK’s National Cyber Security Centre (NCSC) is today issuing a new bulletin on the unfolding crisis, which diplomatic experts anticipate will likely culminate in Russian military action against Ukraine, and possibly a full-blown invasion. Further cyber attacks are considered quite likely in such a scenario.
The NCSC’s alert follows similar bulletins from US government agencies, including the Department for Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA).
NCSC operations director Paul Chichester said: “The NCSC is committed to raising awareness of evolving cyber threats and presenting actionable steps to mitigate them.
“While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient.
“Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before,” he added.
“While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient” Paul Chichester, NCSC
The NCSC reiterated that it has not identified any specific threats against organisations in the UK – whether public sector or government bodies, or private enterprises – and nor is it prepared to attribute full responsibility for the WhisperGate attacks on Kyiv to any specific threat actor at this time.
Nevertheless, it said, if we are currently in a period of calm before a storm, security teams should use this time to ensure their systems are fully patched; to improve access controls and enable multifactor authentication (MFA) if possible; to implement incident response plans; to check, double check, then triple check that backup and restore mechanisms are functional; to ensure online defences are working as intended; and to stay up-to-date with the latest threat and mitigation information.
Speaking in response to the DHS alert earlier in the week, Bill Bernard, senior director of solutions architecture at Deepwatch, a US-based security services supplier, said that even though many security professionals would likely assess their organisations to be at minimal risk of a cyber attack backed by the Russian state, it was still worth taking action.
“At this point, you could assume that there would be two different sets of hackers during this time of unrest: one operating at the direction of the state and working to forward their goals; and the other the opportunists looking to make money in the midst of the chaos. Expect the unexpected. Don’t be complacent that you’re not a ‘priority target’ for Russian attackers,” said Bernard.
Source is ComputerWeekly.com
Edge computing is growing with the increasing demand for real time processing and reduced latency in today's digital landscape. The rise...
Source is ComputerWeekly.com
Amazon Web Services (AWS) reported a 17.5% year-on-year increase in revenue to $30.9bn during the second quarter of its 2025 financial...
Source is ComputerWeekly.com
The Competition and Markets Authority (CMA) has confirmed Microsoft and Amazon Web Services (AWS) will face “targeted and bespoke” interventions to...
Source is ComputerWeekly.com
Microsoft Cloud grew 27%, with revenue of $46.7bn, in its fourth quarter 2025 financial results, the tech giant has reported. While...
Source is ComputerWeekly.com
The collection of key datacentre sustainability data by operators is faltering after years of progress, according to research by server farm...