The war might be in Ukraine, but cybercrime sees no borders
We have all been left horrified by the conflict unfolding in Ukraine. However, while this may seem like another war being fought far from Scottish shores, the unity of global leaders and businesses may very well put a sour taste in the mouths of the Russian leadership.
To date, this has been a conflict mostly fought on the ground or from the air. We haven’t – as yet – seen the threat of “cybergeddon” become a reality. But that’s not to say that we won’t see this.
Instead, cyber-related attacks on Ukraine have so far been created to distract, rather than destroy. For example, in the first week of the conflict, Ukrainian banks and government websites were taken offline through a Distributed Denial of Service (DDoS) attack designed to overwhelm websites with large volumes of traffic.
In the same timeframe, we saw evidence of phishing emails targeting Ukrainian citizens.
For those working in the IT security sector, cyberattacks originating from Russia are nothing new. After all, the country is renowned for investing huge resources to develop and launch formidable hacking tools against rival nations.
Cyber experts have noted that the cyber tactics seen so far, however basic given the potential complexity of attacks Russian groups have inflicted in the past, could easily be extended into other countries and unsuspecting individuals and businesses could fall victim.
While organisations in Scotland have already been on the receiving end of significant cyber incidents over the last two years while tackling all the challenges that the pandemic brought with it.
Despite this, organisations remain reticent to becoming fully cyber resilient because they feel underprepared from a skills perspective. However, while the National Cyber Security Centre (NCSC) is not aware at the time of writing of a specific cyber threat, everyone must be on high alert for a cyber incident that could hit. I cannot stress this highly enough.
There are several steps that organisations should take – right now – to protect themselves against a potential incident:
- Ensure all devices, business and personal, are kept up to date and have the latest security updates – including the enabling of multifactor authentication.
- Speak to IT providers to ensure you have a regular patch management/ update policy in place.
- Implement an effective incident response plan and ensure team members are aware of their roles in such an event.
- Confirm that backups and restore mechanisms as well as online defences are working as expected.
- Before leaving the office each weekend, send a reminder email to all staff to let them know of the threat – and be vigilant for phishing emails etc. Include links to websites such as NCSC, the Scottish Business Resilience Centre (SBRC) and CyberScotland so employees can educate themselves and be more vigilant.
- Keep up to date on the latest threat alerts by following the NCSC’s social media channels over the coming weeks and months.
- If you think you are a victim of a cyberattack, please call the SBRC incident response line on 01786 437472 and Police Scotland on 101.
In the last month, we have also seen the Scottish Government further commit to protecting the recovery of businesses and organisations with the launch of the Scottish Cyber Coordination Centre to boost the country’s ability to prevent and combat digital crime.
It will undoubtedly become a valuable resource in notifying individuals and businesses about the latest cyber threats.
So, as we raise our heads above the pandemic parapet, organisations must act now so they don’t become a victim of collateral damage at the hands of what could be a devastating global cyberattack originating from Russia. Forging connections with expert groups that can provide counsel and support so that your organisation is better equipped to deal with a significant cyber incident is a must. The consequences of doing nothing are far-reaching.
The pandemic has taught me how to share more – and I feel a better leader for it
As a young professional starting out in the tech sector 30 years ago, I thrived on the fast pace,constant change and demanding workload. I lived in London, Singapore and Australia…
We need to shout about our successes. Liz Fletcher on celebrating women in biotech
Throughout my career in biotechnology and life sciences, I have seen many women leading ground-breaking research studies in their fields of expertise. Yet, and I include myself in this, we…
Getting the best out of patient data is key to unlocking future health benefits in Scotland
It is important that clinicians’ voices are heard in the consultation around Scotland’s new health and care data strategy, which closes this week (12 August). Busy GPs like myself are the trusted…
How motherhood helped me be a better leader
Consider this an open letter to anyone I have worked with before I became a mother and before I fully understood how being a parent is actually a prized asset…
‘We cannot achieve our goals without entrepreneurs’ – Kate Forbes on vision for new ‘tech scaler’ network
From the very start of my ministerial career, I have had responsibility for the Scottish tech sector – and I can still say what I have said from the start,…
Finding a role in cyber was ‘tough’ for Cheryl Torano. Now she’s determined to help other women join an under-represented industry
When I decided to upskill to change careers at the age of 30 and dive into the digital world, I knew I would be starting out at the bottom of…
Why innovation and marketing are the perfect partners to make changes that matter￼
With the rapid evolution of traditional marketing and the appearance of digital marketing, technology and innovation has become part of any marketer’s life without the need of working for a…
Transitioning to a four-day week – CEO’s vow to strike a healthier balance in the workplace
I came to Scotland nearly 20 years ago from Ireland, with no contacts but a lot of determination. While Ireland will always be my home, Scotland has given me amazing…