Russia - Ukraine Conflict: Bytes Security Statement

Thursday 10th March 2022

Company Statement:

Bytes Software Services has no affiliation with Russia. As a group we stand with Ukraine and are against all action undertaken by Russia within this conflict.
 
Our organisation has no link or dependence on Russia, Belarus or Ukraine for any of our business operations. Our customer engagement, internal systems and processes are unaffected by this situation. We are continuing to monitor developments in this region and will update any client, supplier or vendor if there are any changes that may impact our business.
 
If you have any questions, please reach out to your Bytes representative. 

--------------------------

Bytes Security Statement:

Given the recent geo-political situation between Ukraine and Russia, preparation of our Cyber strategy to align to recent events is key to deterring and mitigating potential attacks. Bytes have prepared the following statement in W5H format.

Who (Does this affect and is involved)? – This situation has the potential to affect all businesses. So far, we have seen multiple campaigns and threat actors in play (including Sandworm Team). It should be noted that the Russian focus is on Ukraine for now; we need to wait and see what sanctions the UK, NATO and EU impose on Russia, as this will likely determine any cyber warfare response from Russia toward the UK.

What (Level is this Threat) (Can we expect from this Threat)? – Based on Threat Intelligence sources, this situation has been classified as a High Threat Level. We can anticipate different types of attacks, including DDoS, Ransomware and Wipers. Initial access into systems is likely to utilise phishing campaigns.

Why (Is this relevant)? – Russia's focus for cyber warfare is currently on Ukraine, but once that concludes it will be cast towards anyone that opposes Russia, and there may be overspill into some of our customers where they have operations or supply chains based in Ukraine.

When (Can we expect Cyber Attacks)? – We can expect a rise in reconnaissance activities from now onwards. However, a spike in attempts at initial access would likely follow the sanctions that the UK, NATO and EU impose, as these would have a direct impact on the response from Russia.
It should be noted that we are likely to see increased activity from other regions, as they will seek to use the distraction as cover for operations, or will use Tactics, Techniques and Procedures (TTPs) commonly used by Russia to cover any operations.

Where (Will these attacks happen)? – Based on recent Threat Intelligence, we are currently seeing an increase in the volume and number of techniques used for reconnaissance and data gathering; this could be a preparatory step for attacks against multiple businesses. Based on this, we would expect a rise in traditional and novel forms of social engineering. This would include the use of emails and SMS messages that lure victims to malicious sites to either gather credentials or embed attacks into files, to start the initial access phase.

How (Can we mitigate and prepare) (Can Bytes support)? – Planning is required around incident response and BCP/DR. Any attacks against the UK would likely be against Critical Public National Infrastructure (CPNI) in the first instance, as well as payment systems and finance. Organisations related to these sectors could be targets in the event of a more widespread attack, potentially through the utilisation of supply chain-based methods. 
As always, we recommend the implementation of standard cyber security hygiene across the network. Key areas to focus on are:

  • System Patching, including third party software and firmware
  • Increase User Education and User Awareness, including information on this situation and how it can impact the business and the user themselves
  • Strong authentication (Using MFA and Conditional Based Access)
  • Review Firewall, Endpoint, Email and Web Filtration policies to ensure defences are working as expected to deter phishing attacks
  • Centralise, correlate, and monitor key system logs for detection of suspicious activities

The above points are in line with guidance from the NCSC: https://www.ncsc.gov.uk/guidance/actions-to-take-when-the-cyber-threat-is-heightened.
Bytes can support in a multitude of cyber security areas, including (but not limited to): Solution Discovery & Investigation, Strategy & Planning, Design & Implementation and Cyber Consulting Services (Penetration Testing and Compromise Assessments). If you have any further questions or would like to discuss challenges identified, then please reach out to us at: [email protected].

The Bytes Cyber Consulting Incident Response team can be reached at 0203 327 0698 for assistance during a security incident. 

