NCSC warns UK organisations to bolster defences against Russian cyberthreat

Written by Sam Trendall on 1 February 2022 in News

Cyber unit instructs organisations that the time has come to ‘take action’ after attacks in Ukraine

Credit: Gerd Altmann from Pixabay

The National Cyber Security Centre has instructed UK business to take urgent action to bolster their IT defences to best protect against potential cyberthreats from Russia.

The warning comes in light of growing tensions between leaders over Ukraine, and the potential threat posed by Russian troops that were recently moved close to the country’s borders.

The NCSC claims that recent weeks have also brought a spate of “malicious cyber incidents in and around Ukraine”. Over the last few years, the GCHQ-based cyber unit has joined overseas counterparts and government ministers in repeatedly calling out attacks attributed to Russian authorities.

The incidents seen in Ukraine in recent weeks “fit with the pattern of Russian behaviour previously observed”, it said.

Related content

The centre said that it is “not aware of any current specific threats to UK organisations in relation to events in and around Ukraine” but has updated its guidance to encourage UK organisations – particularly large companies – to take immediate steps to increase their cyber resilience.

Recommended measures include: “patching systems; improving access controls and enabling multi-factor authentication; implementing an effective incident response plan; checking that back-ups and restore mechanisms are working; ensuring that online defences are working as expected; and keeping up to date with the latest threat and mitigation information”.

Any organisations that believe they have suffered a cyberattack are instructed to contact the NCSC’s incident management team, which operates around the clock.

“The NCSC is committed to raising awareness of evolving cyberthreats and presenting actionable steps to mitigate them,” said the centre’s director of operations Paul Chichester. “While we are unaware of any specific cyberthreats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient. Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. [Recent] incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”


About the author

Sam Trendall is editor of PublicTechnology. He can be reached on

Share this page




Please login to post a comment or register for a free account.

Related Articles

Russia: sanctions tightened on exports of monitoring and military tech
24 June 2022

New measures prohibit supply of any tech used for ‘internal repression’

‘A core part of national infrastructure’ – ministers consider regulating to make the cloud safer
27 May 2022

Consultation launched seeking feedback on risks and mitigations for systems that now underpin a wide range of ‘essential services’ 

EXCL: Wall of silence surrounds plan for nationwide collection of citizens’ internet records
26 May 2022

Online notice reveals controversial trials are to be expanded into a national service – about which government, law enforcement, watchdogs and all the UK’s major ISPs declined to answer questions...

Ex-Whitehall top dog to join board of defence and security firm
27 June 2022

Former cabinet secretary Mark Sedwill has landed a non-executive role at BAE Systems