Jersey’s Cyber Emergency Response Team CERT.JE has been closely monitoring recent developments in Ukraine including a series of cyber attacks in January and February 2022. These attacks have included both Distributed Denial of Service attacks (DDoS) and malware designed to render information systems inoperable. Several of these attacks have been attributed by UK and US authorities to Russia’s Main Intelligence Directorate (GRU).
Whilst there is no evidence of a specific threat to Jersey organisations, there has been an historical pattern of cyber attacks on Ukraine with international consequences and local organisations are asked to prepare for an increase in malicious cyber activity. Similar warnings have been issued by other national cyber authorities including NCSC (UK) and CISA (USA).
Such attacks are likely to be followed by an increase in criminal or hacktivist (cyber activist) led cyber attacks. We are currently tracking follow-on cyber activity targeted primarily at government bodies, financial services, critical infrastructure and their direct supply chains.
The situation is increasingly unpredictable and this raised threat level is likely to persist.
Jersey based organisations operating in the financial services, government and public services, professional services and critical infrastructure sectors are therefore strongly encouraged to take the following immediate steps to minimise the risk of a successful cyber attack. The below advice is also appropriate for organisations outside these sectors as cyber attacks can be indiscriminate.
Click Cyber Threat to view/download the full advice.