UK companies and organizations have been urged to bolster their defenses against potential Russian cyberattacks as Moscow masses military forces on the Ukrainian border.
Britain’s National Cyber Security Centre has directed organizations to take action “in response to the malicious cyber incidents in and around Ukraine,” saying recent attacks are “similar to a pattern of Russian behaviour seen before in previous situations.”
“While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient,” said director of operations Paul Chichester.
The National Cyber Security Centre is part of UK signals intelligence agency GCHQ.
UK organizations should protect against potential attacks by patching their computer systems and enabling multi-factor authentication, the National Cyber Security Centre said. They should also ensure that online defenses are working as expected and keep up to date with the latest threat and mitigation information.
The recommendations are primarily aimed at larger organizations.
Scores of Ukrainian government websites were targeted earlier this month in a cyberattack that included text warning Ukrainians to “be afraid and wait for the worst” and alleging their personal information had been hacked. Ukraine claimed Russia was most likely behind the attack.
Cyber operations have been a recurring aspect of the conflict in Ukraine, which began when Russia annexed Crimea in 2014.
Suspected Russian hackers cut power in parts of Ukraine in 2015 and 2016, and unleashed devastating malware known as NotPetya in 2017 that began infecting organizations in Ukraine but spread globally, causing billions of dollars in damage. The US Justice Department blamed the incidents on Russia’s GRU military intelligence agency.
“Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before,” Chichester said on Friday.
The United States is also on watch against potential cyberattacks as Russia masses troops on its border with Ukraine. Russia denies it is planning an invasion.
Russia would consider conducting a cyberattack on the United States if Moscow perceived that a US or NATO response to a potential Russian invasion of Ukraine “threatened [Russia’s] long-term national security,” according to a January 23 Department of Homeland Security intelligence bulletin obtained by CNN.
“Russia maintains a range of offensive cyber tools that it could employ against US networks — from low-level denials-of-service to destructive attacks targeting critical infrastructure,” said the memo, which was distributed to critical infrastructure operators and state and local governments.
President Joe Biden said at a recent press conference that the United States could respond with cyber operations of its own should Russia conduct additional cyberattacks in Ukraine.
— Sean Lyngaas and Sharon Braithwaite contributed reporting.