top of page

NCSC publish updated guidance in response to Russia/Ukraine conflict

Xaknet, a politically motivated threat group with links to hacktivist group Killnet, are suspected to be coordinating attacks with the Russian military against Ukraine, prompting the NCSC to publish new guidance.

Due to the continued disruptions within the geopolitical landscape and events in Europe, further advice on how organisations should operate at a heightened threat awareness has been published by the National Cyber Security Centre (NCSC).

DTEK group, a private energy firm that works with coal and thermal power within Ukraine was the victim of what appears to be a coordinated attack between Russian aligned cyber threat group Xaknet and the Russian military.

DTEK admit there was a cyber-attack that coincided with the military shelling on one of their thermal power plants in Kryvyi Rih within central Ukraine.

However, the company is yet to fully report on the cyber-attack other than to comment that the objective appeared to be an attempt to destabilise processes and leave customers without electricity.

Xaknet have provided proof that they were the threat actors behind the attack by posting images online of DTEK network access but have denied their involvement with the Russian government.

Due to these types of attacks - as well as the dynamic and unpredictable geopolitical landscape - the UK has been operating at a heightened cyber security threat level.

Since January this year, there has been a wave of cyber-attacks, carried out from all over the world, targeting different countries and many others have felt the impact as collateral damage regardless of their political alignment.

As reported extensively this year, the Russia-Ukraine crisis has acted as a catalyst for many threat actors, and groups, to form and launch attacks.

The main focus of these actors so far has been mainland Europe, but these are not always co-ordinated efforts and predicting who will be next in the crosshairs is difficult.

The NCSC have encouraged the UK to appreciate that this activity and level of threat will continue for longer than what many organisations will have anticipated. To this end they have released further guidance on how managers can make changes to ensure staff, particularly those working within cyber security and IT, can stay resilient whilst avoiding fatigue.

The NCSC updated guidance



Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).



The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.


EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page