What does this mean for UK businesses?
Not much has changed really in terms of the direct threat to UK businesses; the greatest threat remain ransomware attacks and fraud committed by email (known as business email compromise (BEC)).
The cyber threat to UK businesses has been heightened since the first half of 2020 (please see the graph below on trends in ransomware attacks) and has remained at elevated levels since then.
The increase in cyber attacks was due to (amongst other things) remote working away from corporate IT defences, coronavirus presenting a perfect storm for fraudsters and criminals making easy money.
Ransomware and BEC are conducted by criminals who are financially motivated. Russian criminal gangs dominate ransomware, but BEC is performed by criminals all over the globe.
Therefore, the cyber threat to UK businesses is driven by criminals and as such is less dependent on geopolitical tensions and will remain a persistent threat for the long term.
What steps should UK businesses take?
We recommend all businesses should have basic cyber defences in place as any firm that operates online is at risk.
2tela recommend SME’s review the NCSC’s Small Business Guide for cyber security. We provide consultancy and practical assistance to put this advice into practise, see here. These foundational steps can help stop ransomware attacks and reduce the chances of being defrauded by BEC.
As more and more businesses are being defrauded by BEC, 2tela have a comprehensive service to reduce the risk; through intelligence to understand if criminals have compromised email credentials to technical guidance to protect your IT systems. Contact us (see below) to find out more.
What is the ‘heightened cyber threat’ to the UK from Russia?
We assess that the threat to most UK businesses of a direct cyber-attack from the Russian government is low. However, Russia has the capability to attack critical national infrastructure (CNI) targets, as demonstrated in the war in Ukraine.
Therefore, the heightened threat is probably an increase in likelihood of Russia conducting a cyber attack against UK CNI, as well as elevated levels of traditional espionage to support its ongoing confrontation with NATO.