The NCSC (National Cyber Security Centre) have today issued guidance following the Russian invasion of Ukraine and a heightened cyber security threat. We advise all users to familiarise themselves with the advice as soon as possible and more importantly to have all email users briefed about increased awareness on identifying phishing emails. This is the most common tool used in a cyber attack.
As a matter of urgency we'd advise the following:
- Review the people who have access to your website and email and ensure that it is current
- Ensure all passwords are at least 8 characters and include a combination of capital letters, lower case letters, numbers and other symbols
- Pay particular attention to emails that purport to be from Cpanel, WeTransfer or even a member of your team with an unusual request, if in doubt, don't respond or click any links.
- Never give your password to anyone by email, phone or otherwise.
- Ensure that all your devices are using the latest software updates.
- Do not install any plugins to your website that haven't been pre-approved by us. This is also a condition of our terms that can be found on our website and exists purely in the interests of security.
- Consider temporarily removing the contact email addresses of Council Members from your website with the exclusion of the clerk. All correspondence can be routed through the Clerk in the interim. This is just a suggestion, if your team is small and well informed on identifying phishing emails then there is no requirement for you to do this.
- If you haven't already, then please consider upgrading to NetWise V2. in addition to many benefits, V2 runs on the latest software with minimal plugins and is therefore more secure. Email us for details.
You can read the NCSC article here https://www.ncsc.gov.uk/news/organisations-urged-to-bolster-defences
Please remember, as important as this is, there isn't an immediate threat. It is important to be prepared.
Remain alert and safe
Tuesday, March 1, 2022
