Should your UK SME worry about Russian cyber attacks?

Elmellas thinks Russia could target organisations helping the Ukrainian army, such as defence or military-linked companies.

“Those businesses would be more at risk than before. Russia might try to cripple certain key systems.”

Further down the line, Russian cyber criminals could up the ante and conduct financial-based attacks on cryptocurrency to “try and prop up the economy and circumvent the severe financial sanctions”, says Thornton-Trump. “My prediction seems to fall in line with how increased financial sanctions and trade restrictions directed the response of Iranian and North Korean threat actors.”

How can UK businesses protect themselves?

As a result of the conflict, the NCSC says all UK organisations should bolster their online defences and follow its guidance on steps to take when the cyber threat is heightened. This includes basic steps such as patching, putting incident response plans in place and ensuring backups.

Overall, it’s important not to panic while at the same time being aware the Russian threat is out there, but it’s not the only country active in the cyber space. The main cyber powers to be aware of are China, Russia, Iran and North Korea, which each have their own aims and agendas.

Taking this is into account, should businesses pay any more attention to Russian-sourced threats than others? In the short term, some firms should, says Martin. “Critical infrastructure, for example, should be on higher alert,” he advises. In the long run, though, he says this isn’t necessary. “There are loads of threat actors out there.”

Thornton-Trump concurs. “I think it’s very short-sighted to only pay attention to Russian threats, as crime and criminal actors are not exclusive to Russia. Like most things in cyber defence, an intelligence-led risk-based approach is required.”

If businesses are involved in military or CNI they should invest in DDoS prevention, says Elmellas. At the same time, he says: “All companies should be making sure they invest in their infrastructure. Check everything is up to date and most recent patches are applied.”

Photo by Shahadat Rahman on Unsplash

Editor
Environmental Tech specialist, with years of experience in previous senior IT roles who cares very much about the environment.