The war might be in Ukraine, but cybercrime sees no borders
We have all been left horrified by the conflict unfolding in Ukraine. However, while this may seem like another war being fought far from Scottish shores, the unity of global leaders and businesses may very well put a sour taste in the mouths of the Russian leadership.
To date, this has been a conflict mostly fought on the ground or from the air. We haven’t – as yet – seen the threat of “cybergeddon” become a reality. But that’s not to say that we won’t see this.
Instead, cyber-related attacks on Ukraine have so far been created to distract, rather than destroy. For example, in the first week of the conflict, Ukrainian banks and government websites were taken offline through a Distributed Denial of Service (DDoS) attack designed to overwhelm websites with large volumes of traffic.
In the same timeframe, we saw evidence of phishing emails targeting Ukrainian citizens.
For those working in the IT security sector, cyberattacks originating from Russia are nothing new. After all, the country is renowned for investing huge resources to develop and launch formidable hacking tools against rival nations.
Cyber experts have noted that the cyber tactics seen so far, however basic given the potential complexity of attacks Russian groups have inflicted in the past, could easily be extended into other countries and unsuspecting individuals and businesses could fall victim.
While organisations in Scotland have already been on the receiving end of significant cyber incidents over the last two years while tackling all the challenges that the pandemic brought with it.
Despite this, organisations remain reticent to becoming fully cyber resilient because they feel underprepared from a skills perspective. However, while the National Cyber Security Centre (NCSC) is not aware at the time of writing of a specific cyber threat, everyone must be on high alert for a cyber incident that could hit. I cannot stress this highly enough.
There are several steps that organisations should take – right now – to protect themselves against a potential incident:
- Ensure all devices, business and personal, are kept up to date and have the latest security updates – including the enabling of multifactor authentication.
- Speak to IT providers to ensure you have a regular patch management/ update policy in place.
- Implement an effective incident response plan and ensure team members are aware of their roles in such an event.
- Confirm that backups and restore mechanisms as well as online defences are working as expected.
- Before leaving the office each weekend, send a reminder email to all staff to let them know of the threat – and be vigilant for phishing emails etc. Include links to websites such as NCSC, the Scottish Business Resilience Centre (SBRC) and CyberScotland so employees can educate themselves and be more vigilant.
- Keep up to date on the latest threat alerts by following the NCSC’s social media channels over the coming weeks and months.
- If you think you are a victim of a cyberattack, please call the SBRC incident response line on 01786 437472 and Police Scotland on 101.
In the last month, we have also seen the Scottish Government further commit to protecting the recovery of businesses and organisations with the launch of the Scottish Cyber Coordination Centre to boost the country’s ability to prevent and combat digital crime.
It will undoubtedly become a valuable resource in notifying individuals and businesses about the latest cyber threats.
So, as we raise our heads above the pandemic parapet, organisations must act now so they don’t become a victim of collateral damage at the hands of what could be a devastating global cyberattack originating from Russia. Forging connections with expert groups that can provide counsel and support so that your organisation is better equipped to deal with a significant cyber incident is a must. The consequences of doing nothing are far-reaching.
Related posts
Interviews
Comment
Please mind the gap… or healthcare may fall
Imagine sharing a lengthy train journey with others. From beginning to end, imagine how often you might hear ‘mind the gap’ messages about embarking and disembarking safely. Picture how navigating…
Women Lead: My journey from Dragons’ Den to Silicon Valley
Following her appearance on Dragons’ Den, Sheila Hogan, serial entrepreneur, founder and chief executive of digital legacy vault, Biscuit Tin, shares her experience of her time in the Den and…
Look anywhere – the future is ‘aged tech’. But Scotland needs to be more adventurous
Scottish Care, as the representative body of independent social care providers of care home, care at home and housing support services, has been working over several years with colleagues in…
Women Lead: Engineer turned entrepreneur
We are always fascinated by other people’s stories. It’s how we connect, grow and learn from each other. Until very recently I always felt like I didn’t have a story to tell. Who…
‘Women – together we will change the dynamic in tech’
I was inspired to start a career in technology when personal computers were in their infancy and the internet decades away. My childhood dream of becoming a scientist was shaped by…
It’s time to change the future of tech apprenticeships – and we need your help
In his latest exclusive column for Futurescot, Ross Tuffee, chair of the Skills Development Scotland (SDS) Digital Economy Skills Group, calls on tech employers to get involved in shaping the…
What AI difference a year makes
Amazingly, it’s been one year since the publication of Scotland’s AI Strategy. And what a year it has been. Demanding but rewarding, with good progress made and great foundations laid…
International Women’s Day: It’s time to harness power of women in technology
As we celebrate International Women’s Day, I hope to be part of a future where barriers that prevent women from competing on a level playing field in the work environment…