The UK’s National Cyber Security Centre (NCSC) has issued an alert warning about the elevated risk of attacks from state-aligned Russian hacktivists. According to the alert, these hacktivist groups are ideologically motivated and sympathetic to Russia’s invasion.
While they have typically focused on Distributed Denial of Service (DDoS) attacks, the NCSC warns that they have expressed their intention to cause more damage if possible, and larger organizations should be prepared for advanced actions, such as temporarily reducing system functionality and preparing for extended operational hours.
To increase security, the NCSC recommends that all organizations in the UK implement the recommended actions to protect themselves. These actions include system patching, access control verification, functioning defenses, logging and monitoring, reviewing backups, incident plans, and managing third-party access.
They also recommend following specific principles for secure system administration, such as securing all devices used to access system administration interfaces, ensuring only authorized users access interfaces with high system privileges, and recording and logging all administration actions.
The NCSC considers it unlikely that pro-Russian hacktivist groups can cause any significant damage to valuable corporate or government networks without external assistance.
However, it warns that this may change over time, and these groups could become more effective in their attacks. The organization, therefore, urges organizations to act now and manage the risk against successful future attacks. By taking these measures, organizations can protect themselves against possible harm from state-aligned Russian hacktivists.
