Attivo Networks Blogs

UK organisations urged to bolster cybersecurity resilience in response to Ukraine situation

intelligent CISO

UK organisations are being urged to bolster their cybersecurity resilience in response to the malicious cyber incidents in and around Ukraine.  

It comes after the National Cyber Security Centre (NCSC), which is part of GCHQ, recently updated its guidance to UK companies and organisations.

The NCSC is investigating the recent reports of malicious cyber incidents in Ukraine. Incidents of this nature fit a pattern of Russian behaviour seen in previous situations, including the destructive NotPetya attack in 2017 and cyberattacks against Georgia. The UK Government has attributed responsibility for both these attacks to the Russian Government.

While the NCSC is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, the guidance encourages organisations to follow actionable steps that reduce the risk of falling victim to an attack.

Paul Chichester, NCSC Director of Operations, said: “The NCSC is committed to raising awareness of evolving cyberthreats and presenting actionable steps to mitigate them. While we are unaware of any specific cyberthreats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient. 

“Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. [Recent] incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”

The guidance, which is primarily aimed at larger organisations, also advises organisations that fall victim to a cyberattack to report the incident to the NCSC’s 24/7 Incident Management team.

Carolyn Crandall, Chief Deception Officer at Attivo Networks, said: “Businesses should take an assumed breached security posture to prepare for an onslaught of advanced and targeted attacks. This assumption shifts security focus to readiness and threat hunting for incursions within the network. Advanced threats will use identity-based attacks that inherently bypass traditional endpoint and network security defences. Security teams need to be on high alert for credential theft and misuse, privilege escalation and lateral movement threat activities. Active Directory, which is the main credential store, must be protected as a top priority. This means having in place continuous visibility tools that find and fix exposures, misconfigurations and policy drift. It also needs to include live attack detection and, ideally, the ability to redirect unauthorised access attempts to cyber-deception decoys for threat intelligence gathering. Organisations should also not be overconfident in Multi-Factor Authentication to protect identities – advanced attackers are fully equipped to bypass these controls.”

Read the original article by Alix Pressley on Intelligent CISO.
