Ever since the widespread adoption of the internet, there have been periods when organisations and individuals have faced increased cyber risk. With Russia’s invasion of Ukraine, the UK has entered another period of increased cyber risk.
At the time of writing, there have been no known attacks on UK organisations; however, the National Cyber Security Centre (NCSC) has provided guidance to improve your security posture in response to the increased cyber risk. Below we discuss the potential risks facing organisations, and what they can do to remain vigilant and reduce the chance of falling victim to an attack.
Potential cyber risks: collateral damage
All organisations are at risk of falling victim to a cyberattack. In 2021, 4 in 10 UK businesses reported having cybersecurity breaches or attacks, with phishing attacks being most common.
With the current state of increased cyber risk, organisations are more likely to become collateral damage as targeted malware spreads to other businesses. This was the case with the 2017 NotPetya ransomware attacks. During this time, Russia targeted Ukraine’s financial, energy and government institutions with advanced ransomware. Due to the indiscriminate design of the ransomware, it also spread to machines in the United States, United Kingdom, Australia and many other countries. It is possible a similar scenario could play out, and for this reason, you should take steps to improve your organisation’s security posture.
What else should you do to protect your organisation and people?
The NCSC has provided a list of actions that they recommend to ensure basic cybersecurity hygiene controls are in place and functioning properly.
This guidance is always essential; however, there is more you can do to bolster your security posture now. We recommend that all organisations deploy additional security features covering email security, backups and disaster recovery, and employee education and awareness.
As email is the number one attack vector, it is essential that businesses do everything they can to decrease the chance of falling victim to a phishing attack. There are many ways that cybercriminals use email to launch a cyberattack; thankfully, a comprehensive email security solution can stop malicious emails before they even land in an employee’s inbox. Always look for email security solutions that include URL and attachment protection to thwart business email compromise attacks.
It should also be noted that during periods of unrest, it is common to see phishing attacks link to malicious websites masquerading as news sites, or even charity donation sites. A comprehensive email security solution should stop these; however, it is important that employees are educated on common cyberattacks and scams to reduce the chance of falling victim to an attack, both at work and at home.
Employee education and awareness
There are many software solutions designed to stop cyberattacks in their tracks; however, your people are always your first line of defence. That’s why providing employees with cybersecurity training is so effective at reducing attacks. Cybersecurity training encourages employees to understand the cybersecurity threat landscape, how to identify security risks and the process of reporting potential cyberattacks or poor security practices. Effective cybersecurity training can decrease the chance of an organisation falling victim to a cyberattack, whilst developing a positive security culture within a business.
As all employees have some level of access to company data, they all play a role in protecting the business from a cyberattack. When designing cybersecurity training, provide enough information to give employees the tools required to identify potential attacks, without going into too much detail and confusing the audience. Some topics that should be covered include phishing attacks, social engineering attacks, password hygiene and how to stay secure whilst hybrid working.
You might want to consider subscribing to a Phishing & Security Awareness as a Service package, which provides training and simulated phishing attacks to keep employees up-to-date with the latest threats.
Backup and Disaster Recovery
As the most likely scenario is a wide-scale ransomware attack, it is essential that organisations have a tried and tested method of disaster recovery. Even if a business does pay the ransom after falling victim to an attack, typically they can only recover 65% of their data. To limit the downtime after an attack and increase the likelihood of being able to recover 100% of your data, you should make use of a comprehensive backup solution. Data should be backed up on a frequent, regular basis, with copies stored offsite to ensure they cannot be affected by ransomware. These backups should also form part of a larger disaster and incident recovery plan.
Although the world is in a period of increased global cyber risk, there is no need to panic. Implement the basic cybersecurity hygiene controls recommended by the NCSC, and assess your security posture to identify any vulnerabilities so you can take appropriate action.