Cyber risk to increase amid Russian invasion of Ukraine

As Russia continues its invasion of Ukraine, the UK can expect a heightened level of cyber risk and more frequent attacks against western countries and their allies, according to cybersecurity firm CyberCX.

Russian state-sponsored actors are currently launching cyber attacks against Ukraine and members of NATO. CyberCX said that these are mostly low-sophistication attacks such as website defacements and DDoS attacks, but some are more advanced, such as wiper-malware masquerading as ransomware.

“We assess there is a real chance that Russian-linked ransomware actors will increase targeting of all western assets, further exacerbating the recent rise in cyber extortion,” said Christina Stevenson, director of CyberCX. “We have moderate confidence that Russian intelligence services are able to influence the targeting of cyber extortion groups, as part of a broader Russian strategy of destabilising and disrupting western governments and democracies.”

Stevenson advised UK businesses and organisations to be more mindful of any anomalies and prepared to respond to cyber incidents.

CyberCX listed several of its services that can help manage cybersecurity risks during this volatile international situation.

• Performing threat hunts aligned to tradecraft used by Russian threat actors
• Triaging high-quality indicators of compromise related to Russia-based cyber threats
• Implementing any “quick win” cyber mitigations not already in place
• Empowering emergency patch management for new vendor patches
• Ensuring any surge capacity operational teams are on standby
• Maintaining situational awareness of the latest cyber threat intelligence

“In the event of an increased scale of cyber attacks against Ukraine, we assess the most likely targets will be domestic industrial and military assets, as well as organisations in the government, financial services, media, and telecommunications sectors,” Stevenson said.