Xaknet, a politically motivated threat group with links to hacktivist group Killnet, are suspected to be coordinating attacks with the Russian military against Ukraine, prompting the NCSC to publish new guidance.

Due to the continued disruptions within the geopolitical landscape and events in Europe, further advice on how organisations should operate at a heightened threat awareness has been published by the National Cyber Security Centre (NCSC).

DTEK group, a private energy firm that works with coal and thermal power within Ukraine was the victim of what appears to be a coordinated attack between Russian aligned cyber threat group Xaknet and the Russian military.

DTEK admit there was a cyber-attack that coincided with the military shelling on one of their thermal power plants in Kryvyi Rih within central Ukraine.

However, the company is yet to fully report on the cyber-attack other than to comment that the objective appeared to be an attempt to destabilise processes and leave customers without electricity.

Xaknet have provided proof that they were the threat actors behind the attack by posting images online of DTEK network access but have denied their involvement with the Russian government.

Due to these types of attacks - as well as the dynamic and unpredictable geopolitical landscape - the UK has been operating at a heightened cyber security threat level.

Since January this year, there has been a wave of cyber-attacks, carried out from all over the world, targeting different countries and many others have felt the impact as collateral damage regardless of their political alignment.

As reported extensively this year, the Russia-Ukraine crisis has acted as a catalyst for many threat actors, and groups, to form and launch attacks.

The main focus of these actors so far has been mainland Europe, but these are not always co-ordinated efforts and predicting who will be next in the crosshairs is difficult.

The NCSC have encouraged the UK to appreciate that this activity and level of threat will continue for longer than what many organisations will have anticipated. To this end they have released further guidance on how managers can make changes to ensure staff, particularly those working within cyber security and IT, can stay resilient whilst avoiding fatigue.

The NCSC updated guidance

• Maintaining a sustainable strengthened cyber security posture
• Actions to take when the cyber threat is heightened

Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).