Warning Against Possible Growth Of Harmful Activities In Cyber Space Connected With Escalation Of Tension In The Middle East

The National Cyber Security Centre SK-CERT warns of a possible increase in activity by state-supported APT (Advanced Persistent Threat) groups or individuals in global cyberspace, including the cyberspace of the Slovak Republic, due to increased tensions in the Middle East region.

Increased geopolitical tensions and threats of aggression may lead to cyberattacks on various targets in cyberspace, particularly those of NATO member countries, and also to destructive hybrid attacks against the goals and interests of NATO member countries abroad.

US-Iran tensions create the potential for an Iranian retaliatory response against various targets around the world. This may lead to coordinated cyberattacks on several targets, including on the territory of the Slovak Republic, affecting the state sector, critical infrastructure (in particular financial, energy and telecommunications systems) and industrial control systems, as well as to the spreading of disinformation in order to raise fears and present specific false narratives.

Therefore, the National Cyber Security Centre SK-CERT recommends that public administration organizations, critical infrastructure providers, essential service providers and other companies operating in Slovakia do the following:

  • Introduce increased monitoring of Internet-connected assets
  • Prepare for a rapid and coordinated response in case of a cyber security incident
  • Inform employees about the increased risk of cyberattacks and maintain good cyber hygiene
  • In case of any suspected incident, inform the National Cyber Security Centre SK-CERT immediately.

Since most cyberattacks start with a phishing campaign, SK-CERT recommends the following:

  • Increase caution when opening and reading received emails
    • Do not open email attachments that you were not expecting
    • Turn off the attachment preview feature in email applications, and do not open attachments (even in familiar formats such as .pdf, .docx and others)
    • Thoroughly check links that are part of emails (the attacker can imitate official links)
    • If in doubt, verify the contents of the email with the sender by other means (by phone, in person)
    • Do not respond to email requests for security verification, and do not open links or attachments in such emails
    • Do not send your personal or sensitive information or bank details by email or through forms from suspicious sources, and do not log in to any applications via such forms.

None of your service providers will ask you to do this.

In order to increase the resilience of networks and systems, the National Cyber Security Centre SK-CERT also recommends checking the following in your organization:

  1. Do you make regular backups of all important information? Do you have backups saved offline? Have you tested your ability to restore from backups during an incident?
  2. Do you have an incident response plan? Do you exercise the plan regularly?
  3. Do you perform a cyber security risk analysis in your organization?
  4. Do you train your employees on best practices in cyber security?
  5. Have you implemented multi-factor access authentication and minimized account permissions?
  6. Do you monitor network traffic between your various systems, including industrial control systems, and the Internet? Do you back up records of this traffic (logs, netflow, etc.) to a protected repository for at least a few months?

________________________________________

In cooperation with partners, NCKB SK-CERT helps organizations and partners to understand and counter the dangers of harmful activities by state and non-state actors. SK-CERT provides recommendations to help partners stay alert and protected against potential computer and physical threats.

More information can be found at www.sk-cert.sk. We ask our partners to contact us immediately at [email protected] in case of any relevant information or any suspicion of systems compromise.

