Cyber attacks against Ukraine that may have consequences on New Zealand organisations

Cyber Security and Incident Response Advisory – Updated 26 February 2022

Numerous Government Agencies have posted alerts in relation to strengthening cyber security readiness in response to heightened tensions between Russia and Ukraine.

Organisations should consider their security posture, exercise readiness, and monitor for relevant cyber security developments. This should also include reviewing and enhancing detection, mitigation, and response measures.

Organisations should assess their preparedness to respond to any cyber security incident by:

• reviewing cyber incident response and business continuity plans, learn more here
• testing the level of preparedness by conducting a cyber incident simulation, learn more here
• subscribing to an Incident Response Retainer plan which includes forensic expertise, learn more here

Government Advisories

ACSC – Australian organisations encouraged to urgently adopt an enhanced cyber security posture

UK NCSC – Organisations to act following Russia’s further violation of Ukraine’s territorial integrity

UK NCSC – Actions to take when the cyber threat is heightened

CISA – Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

CISA – Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats

CISA – Destructive Malware Targeting Organizations in Ukraine

CCC – Cyber Centre urges Canadian critical infrastructure operators to raise awareness and take mitigations against known Russian-backed cyber threat activity

Examples of the potential impact of cyber attacks

• Cisco Talos
• Microsoft
• Malwarebytes
• Symantec
• Sentinel Labs
• CISA – Not Petya