Britain’s cyber security centre has urged UK organisations to check their cyber defences because of concern about the potential for new Russian cyber attacks linked to tensions with Ukraine.
The public-facing arm of the spy agency GCHQ encouraged everyone to read new guidance published on its website entitled: “Actions to take when the cyber threat is heightened.”
Paul Chichester, director of operations at the National Cyber Security Centre (NCSC), said: “While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient.
“Over several years, we have observed a pattern of malicious Russian behaviour in cyber space. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”
Ukraine was hit on 14 January by what Ukrainian officials described as a “massive cyber attack” that targeted some 70 government websites.
Oleksiy Danilov, the top security adviser to Ukraine’s president, told Sky News at the time that he was 99.9% sure Russia was behind the assault.
The Kremlin has denied the claim.
Officials from the NCSC are “urgently” helping the Ukrainian government investigate the attack and discover who was behind it.
The cyber offensive unfolded as Russia amasses more than 100,000 troops and weaponry close to Ukraine’s borders.
The military mobilisation has prompted fears in Western capitals of a new Russian invasion of its neighbour – eight years after President Vladimir Putin annexed Crimea and backed separatists in the east.
The NCSC said in a statement on Friday: “While the government is not attributing responsibility for the recent cyber incidents in Ukraine, the NCSC is urgently investigating them.
“Incidents of this nature are similar to a pattern of Russian behaviour seen before in previous situations.”
This included a global cyber attack in 2017 that cost businesses around the world hundreds of millions of pounds.
The UK has previously accused Russian military intelligence of launching the NotPetya attack against government IT systems in Ukraine.
The malware then spread across 64 other countries, including the UK.
Cyber hostilities are a form of attack that can take place in a grey zone under the threshold of war or as part of a physical, military invasion.
The new NCSC warning appears designed to try to ensure British companies and other organisations are better prepared in case another cyber attack against Ukraine then infects the internet worldwide.
It is a sign of how a conflict in one part of the world can impact anyone, anywhere because cyber weapons do not respect geographical boundaries.
The “guidance encourages organisations to follow actionable steps that reduce the risk of falling victim to an attack”, the cyber centre said.
These actions are listed on its new guidance, which was published last week – three days after the cyber attack against Ukrainian government websites became public.
They include things like patching systems; enabling multifactor authentication; and checking that backups and restore mechanisms are working.
Any organisation that falls foul of a cyber attack is advised to report the incident to the NCSC.