Organizations using software or products with links to Russia have been advised to take time to consider the risks associated with the use of such technologies following Russia’s invasion of Ukraine.
New guidance from the National Cyber Security Center (NCSC) – part of GCHQ – says that organizations in several critical sectors should especially reconsider the risks of using Russian-controlled products. as part of their network or supply chain because the risk of potential cyber attacks.
The NCSC said Russian law already includes legal obligations for companies that support Russia’s Federal Security Service (FSB) and pressure to do so could increase in times of war. And while they say there is no evidence the Russian state intends to downplay commercial Russian products and services to the detriment of UK interests, the absence of proof is not. evidence of absence.
“In our view, it would be prudent to plan for the possibility that this could happen,” Ian Levy, NCSC technical director, said in a blog post.
“You can actively choose to remove Russian products and services, wait until your contract expires (or your next technology refresh), or do it in response to some geopolitical events. Alternatively, you can choose to live with the risk,” Levy said.
He added: “Whatever you choose, remember that cybersecurity, even in times of global uncertainty, is still a balance of different risks. The rush to change a product is ingrained. into your business could cause the damage you’re trying to prevent.”
NCSC said organizations providing services to Ukraine and organizations or individuals doing work that could be seen as going against the interests of the Russian state, becoming the target of retaliation for cyberattacks, should reconsider their risks.
Organizations participate in critical infrastructurepublic sector and high-level institutions, if compromised, could represent what the NCSC describes as a ‘PR victory’ for Russia is also encouraged to think about the risks of using technology products and software associated with Russia.
National security agencies in the government have been advised against using cloud-enabled products where the supply chain included countries like Russia in 2017, but after the invasion of Ukraine, people Others are also being encouraged to consider the risks.
The NCSC cannot provide customized guidance on risk management for every business, but it does urge organizations to exercise caution when making mistakes, especially if they are more likely to become targets of Russian cyberattacks. for the invasion of Ukraine. Organizations should also consider how they can protect their networks if those services are abused.
“This conflict has changed the world order and the increased risk and uncertainty won’t go away anytime soon. The best thing to do, however, is to plan, to make sure your systems are working properly. be realistic and have a good recovery plan,” Levy said.
SEE: A winning strategy for cybersecurity (ZDNet special report)
The NCSC also notes that any additional sanctions against Russia could mean services could be stopped immediately, so organizations should check if they will mitigate this. how.
Russian state-backed hackers are accused of being the perpetrators of several major hacking campaigns, including SolarWinds supply chain attack.
In many cases, these attacks target as low as abuse of unpatched software, weak passwords, and poor network management. The organizations are encourage the application of security patches And use Strong Password to help protect the network from nation-state hackers – and other cybercriminals using similar tactics.
One of the most widely used forms of Russian-owned software is Kaspersky antivirus. According to the NCSC, individual users are very unlikely to be targeted by any potential cyberattacks aimed at abusing the software, meaning it is “probably safe to turn on and use at the moment,” according to Levy.
However, it is warned that if Kaspersky is subject to sanctions and anti-virus software stops receiving updates, users may need to switch to another provider.
The NCSC will continue to assess the potential risk of cyberattacks by Russia – and other hostile groups – that could target the UK. The NCSC has previously issued guidance about what organizations can do to help protect their networks from possible cyberattacks as a result of Russia’s invasion of Ukraine.
MORE ABOUT CYBERSECURITY
