- Jersey Cyber Security Centre Newsletter
- Archive
- Page 3
Archive
Cyber Security Update from CERT.JE - Issue #2
Dear all – newsletter no.2! Some weekend reading for you. The cyber security risk of many jurisdictions - including Jersey - has been raised by the invasion of Ukraine. The inclusion of Jersey in Russia’s list of unfriendly nations, due to the implementation of sanctions has also heightened interest by hackers and carries the risk of a nation state response. Russia has a mature offensive cyber capability and has previously shown a willingness to use it. A series of cyber attacks have now been carried out against Ukraine and other targets. Previous attacks against Ukraine, such as the NotPetya malware in 2017, have had a global impact compromising both companies and public services.What actions are we taking?CERT has led the Island’s first C-TAC (Cyber Technical Advisory Cell), following the invasion, and is coordinating response to the raised cyber risk impacting the Island as part of wider emergency planning structures. C-TAC is a multi-agency group with representatives across government and industry. Actions already taken have included issuing controls guidance to industry, awareness raising via local media, webinars and briefings, and updating island risk assessments to ensure appropriate response plans are in place. The continuing development of CERT’s capabilities over 2022 will provide further support. We continue to monitor key threat indicators both directly and via local and international partners, and encourage local organisations to report significant increases in malicious activity. Nevertheless, every organisation is responsible for their own controls – now is a good time to consider what more you can do!Where are the cyber attacks?Whilst there is some evidence of increased interest in Jersey by hacker groups this has not as yet translated into a higher level of attacks. This has surprised many commentators who expected immediate widespread cyber activity, but cyber attacks take time and effort to undertake successfully and those we see in practice are likely to be more targeted. Current advice from the UK’s NCSC remains that the threat level is raised and actions should be taken to improve controls. President Biden has commented that US intelligence believes the Russian Government is exploring options for potential cyber attacks. The situation remains highly volatile and can change at short notice.This is not the moment to stand down – it is the moment to get ready. This is a long term challenge and it is expected that the ongoing raised cyber risk resulting from this conflict – and the increased adoption of offensive cyber techniques by nation states and organised crime, combined with the high degree of dependence on IT by financial services firms, public services and the digital economy – will continue to require a heightened response.What should I do?If you are not sure where to start, implementing the NCSC’s Early Warning System (see below) provides an immediate practical benefit, as does implementing multi-factor authentication throughout your organisation, and patching vulnerabilities quickly and consistently.Regards, Matt
Invasion of Ukraine - Raised Cyber Threat
I had not expected our first newsletter to be on so serious a topic. However, current geopolitical events do raise the threat profile of most countries and organisations in a material way.To the surprise of many analysts, cyber activities have played a relatively small role in this conflict to date despite at least four rounds of attacks involving several different techniques. This may of course change, and nation state actors are not the only players. As I write, I am tracking 16 different threat actors engaged in cyber action in response to Russia's invasion of Ukraine. This includes groups such as Conti, who have (with some disagreement amongst themselves) decided to support Russia, others such as Anonymous who have decided to operate in support of Ukraine, and others simply looking to take advantage of the distraction. The only certainly is that malicious cyber activity - both criminal and activist driven - is likely to increase and be sustained, and that carries a risk of collateral damage even to countries and organisations that are not targeted. Economic pressures may further increase this. We can expect an increased threat level to persist for some time.Some may know I have a personal interest in this particular conflict. That does not affect our advice, which relates purely to the practical impact on cyber threats to the Island and what actions should be taken to address this. However, I visited St Helier Parish Hall this afternoon and spoke with the Polish Consul who was organising collections for those who have left their homes to seek safety. Should you wish to contribute to these humanitarian efforts donations of goods are being welcomed, and a vigil has been organised by the Bailiff at 6pm on Friday. Of course if you would like to discuss the cybersecurity advice in our notice below, you will find me there.Regards,Matt