What conflict in Ukraine means for UK cyber security – University professor

As Russia’s invasion of Ukraine continues, concern is mounting that the conflict will unleash a fresh wave of cyber-attacks throughout the world.

The recent discovery in Ukraine of ‘wiper’ malware, a denial-of-service assault which paralyses websites by bombarding them with information requests, has accelerated a rush by businesses to bolster their defences should it spread.

Microsoft has also detected a new malware named ‘FoxBlade’ which has focused on stealing health, insurance and transportation data from Ukrainian essential services.

According to Professor Kamal Bechkoum, Head of the School of Computing and Engineering at University of Gloucestershire, the cyber threat in Ukraine could well be spilling over into Western nations, meaning UK businesses should take urgent action.

He explains: “Earlier this month John Edwards, the UK information commissioner, was asked about the potential for a Russia-Ukraine cyber conflict spreading to the UK.

“Mr Edwards responded, ‘We have picked up on that heightened threat environment and think it’s really important to take the opportunity to remind businesses of the importance of security over the data that they hold. This is a different era from blacking out the windows and keeping the lights off. The threats are going to come in through your inbox.’

“He further added that outside the Ukraine conflict and the warnings it had brought of a heightened security threat, the Information Commissioner’s Office had seen a steady and significant increase in cyber-attacks against UK businesses over the past two years.

“In this era of global threats, we can all be victims,” continues Kamal. “Too many businesses and people are caught out thinking ‘it’s not going to be us, we’re not that important.’ This is precisely when you can become most exposed.

“Cyber threats should be treated as a company-wide responsibility that is part of organisational culture and fully embedded in disaster recovery plans.

“Around 95% of internal breaches are caused by human error. Training and education have to be continuous as digital resilience is a process, not an event, and as such requires continuous vigilance and ongoing risk assessment.

“Business leaders often look to IT for solutions, but it is vital to work across the organisation and act with unified purpose. On average we create 2.5 quintillion bytes of data – or one billion, billion bytes – every day. It’s clear increasing connectivity is challenging online safety in new and unexpected ways.

“Ideally, a formal approach should be taken to ensure networks, computers, mobile devices and software are all regularly updated, access to sensitive data and passwords is secure, and staff are aware that phishing attacks may increase and are trained to respond appropriately.

“These processes need frequent review, in addition to the adoption of live policies and practices which link to the core of an organisation’s strategy. Plans should include training and simulated scenarios where a company practices being hit by a major online threat.

“These test runs allow senior staff to ask questions such as ‘what would the reaction of our CEO or spokesperson be?’ and ‘How do we communicate a cyber-breach to our stakeholders and the media?’

“The ultimate answer to keeping safe is to take the best precautions possible when it comes to infrastructure and people, and then be prepared to act if things go wrong.”

The University trains employees and executives to deliver overviews of cyber security, the motivations and methods of ‘threat actors,’ details on why an organisation might be targeted and live-hacking demonstrations and improved security behaviour guidance.