The war might be in Ukraine, but cybercrime sees no borders

We have all been left horrified by the conflict unfolding in Ukraine. However, while this may seem like another war being fought far from Scottish shores, the unity of global leaders and businesses may very well put a sour taste in the mouths of the Russian leadership.

To date, this has been a conflict mostly fought on the ground or from the air. We haven’t – as yet – seen the threat of “cybergeddon” become a reality. But that’s not to say that we won’t see this.

Instead, cyber-related attacks on Ukraine have so far been created to distract, rather than destroy. For example, in the first week of the conflict, Ukrainian banks and government websites were taken offline through a Distributed Denial of Service (DDoS) attack designed to overwhelm websites with large volumes of traffic.

In the same timeframe, we saw evidence of phishing emails targeting Ukrainian citizens.
For those working in the IT security sector, cyberattacks originating from Russia are nothing new. After all, the country is renowned for investing huge resources to develop and launch formidable hacking tools against rival nations.

Cyber experts have noted that the cyber tactics seen so far, however basic given the potential complexity of attacks Russian groups have inflicted in the past, could easily be extended into other countries and unsuspecting individuals and businesses could fall victim.

While organisations in Scotland have already been on the receiving end of significant cyber incidents over the last two years while tackling all the challenges that the pandemic brought with it.

Despite this, organisations remain reticent to becoming fully cyber resilient because they feel underprepared from a skills perspective. However, while the National Cyber Security Centre (NCSC) is not aware at the time of writing of a specific cyber threat, everyone must be on high alert for a cyber incident that could hit. I cannot stress this highly enough.

There are several steps that organisations should take – right now – to protect themselves against a potential incident:

  • Ensure all devices, business and personal, are kept up to date and have the latest security updates – including the enabling of multifactor authentication.
  • Speak to IT providers to ensure you have a regular patch management/ update policy in place.
  • Implement an effective incident response plan and ensure team members are aware of their roles in such an event.
  • Confirm that backups and restore mechanisms as well as online defences are working as expected.
  • Before leaving the office each weekend, send a reminder email to all staff to let them know of the threat – and be vigilant for phishing emails etc. Include links to websites such as NCSC, the Scottish Business Resilience Centre (SBRC) and CyberScotland so employees can educate themselves and be more vigilant.
  • Keep up to date on the latest threat alerts by following the NCSC’s social media channels over the coming weeks and months.
  • If you think you are a victim of a cyberattack, please call the SBRC incident response line on 01786 437472 and Police Scotland on 101.

In the last month, we have also seen the Scottish Government further commit to protecting the recovery of businesses and organisations with the launch of the Scottish Cyber Coordination Centre to boost the country’s ability to prevent and combat digital crime.

It will undoubtedly become a valuable resource in notifying individuals and businesses about the latest cyber threats.

So, as we raise our heads above the pandemic parapet, organisations must act now so they don’t become a victim of collateral damage at the hands of what could be a devastating global cyberattack originating from Russia. Forging connections with expert groups that can provide counsel and support so that your organisation is better equipped to deal with a significant cyber incident is a must. The consequences of doing nothing are far-reaching.