Gib follows UK lead, urging organisations to boost cyber attack defences amid Ukraine tensions

Organisations in Gibraltar have been warned to bolster their digital defences due to “malicious” cyber incidents in Ukraine.

The warning echoes a message from the UK National Cyber Security Centre (NCSC), which updated its guidance to UK firms and groups and said it is investigating the recent reports of “malicious cyber incidents in Ukraine”.

The NCSC said it had not identified any current threats to the UK, but noted its updated guidance would allow organisations “to build resilience and stay ahead of potential threats”.

In Gibraltar, the Gibraltar Government followed suit.

‘In line with the UK’s National Cyber Security Centre (NCSC) warning issued today, due to increased malicious cyber incidents identified in and around Ukraine, the Government of Gibraltar advises all organisations to review and bolster their cyber security resilience,” No.6 Convent Place said in a statement.

“While the Government is not aware of any current specific threats to Gibraltar based organisations, guidance encourages organisations to review their current cyber security policies, procedures and protocols.”

“They include things like patching systems; enabling multifactor authentication; and checking that backups and restore mechanisms are working.”

The NCSC’s director of operations, Paul Chichester, said: “The NCSC is committed to raising awareness of evolving cyber threats and presenting actionable steps to mitigate them.”

“While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient.”

“Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”

The updated guidance encourages organisations to reduce the risk of falling victim to a cyber attack by taking “actionable” steps.

These include patching systems, improving access controls and enabling multi-factor authentication, implementing an effective incident response plan, checking that backups and restore mechanisms are working, ensuring that online defences are working as expected, and keeping up to date with the latest threat and mitigation information.