Ukraine Crisis – and the risk to information security

Update

“The UK is closer to the crisis in Ukraine than you might think. While 2,000-odd miles separate us physically from their borders with Russia, that distance is much shorter in cyber space – and attacks targeting Ukraine’s digital infrastructure could be felt here in Britain”.

Lindy Cameron – CE National Cyber Security Centre
 

The University’s information security policy and guidance should be always be followed. This is particularly important at present due to the risks from Russian actions against Ukraine. In the past such actions included cyber-attacks against Ukraine’s critical infrastructure and evidence indicates the same tactic is being used in the current crisis. Such attacks could intentionally or unintentionally have a major impact on information systems in the UK and around the world.

In addition to intensifying efforts to comply with the University’s security policy, standards and guidance, the priorities are to:

  • Ensure software is up to date and security patches have been applied.
  • Protect all devices with up-to-date anti-virus software, preferably the University’s Sophos endpoint protection service.

Maintain heightened vigilance against phishing attacks and contact the Information Security Team immediately, if you receive a suspicious message. 

  • Review BYOD policy and ensure users follow our guidance on securing their devices.

The NCSC has produced general guidance to improve resilience when the cyber-threat is heightened. University colleges and departments that have implemented the University’s policy and baseline security controls, will have most of the NCSC guidance covered off.

 

 

If you have any queries please contact grc@infosec.ox.ac.uk

If you spot a phishing campaign, be the first to report it to Suspect Phishing phishing@infosec.ox.ac.uk ; we can then act and you will have protected your colleagues.

For computer and information security incidents, technical advice, security testing and other technical services contact the Oxford Computer Emergency Response Team (OxCERT) oxcert@infosec.ox.ac.uk or phone: +44 1865 2 82222
GnuPG fingerprint: A8E1 FD4B 9770 C77A 75F0  5273 CE28 F2F2 5F88 68AF (key id: 5F8868AF)