Skip Navigation

Ukraine situation

Support for employees who are concerned about friends and family living in the Ukraine

This must be a frightening and worrying time for you if you have friends or family in the Ukraine. Please let your line manager know and discuss with them any support that you may need. For example, you may need some during the working day to access legal or consulate advice, or the situation may be impacting on your mental health, your line manager can link in with the HR Team and put in place appropriate support for you.

Phishing and malware attacks

While we are not currently aware of any specific threats to UK Local Government in relation to the events in and around Ukraine, we are following the advice from the National Cyber Security Centre (NCSC) and encouraging staff to be extra vigilant to reduce the risk of falling victim to any potential direct, or spill-over cyber-attack.

The most common form of such attack would be via malicious emails - phishing attacks or attachments containing ransomware. When these attachments are opened they run in the background on the computer encrypting any files the user has access too, whether these are on the computer or on shared drives. Once these files are encrypted they become completely inaccessible. These kinds of attacks can be damaging and very difficult and costly to recover from. If you find one of these “Ransom” prompts, you should contact the Service Desk as soon as possible.

Phishing attacks will attempt to trick you into revealing your user name and password or other confidential information, such as banking details. Once an account has been compromised, it is often used to distribute the phishing email to the contacts within that users account, this further adds to the appearance of authenticity as the email comes from someone you have had dealings with in the past. Now is the time to be extra vigilant when opening links and attachments within emails or if prompted to download anything from or login into a website.

What can you do to protect against these attacks?

  • Be aware who the email is from
    Emails from people who you don’t deal with or who you have infrequent dealings with may be suspicious, especially if they contain attachments or links which request your login information.
  • Don't open the attachments
    Treat any attachment that you didn't request, especially from an unusual source as highly suspect
  • Check the address
    Check email addresses for accuracy and look for signs of suspicious activity, for example if an email is not in the format you'd expect or a name appears to be spelt incorrectly. Email addresses made up of seemingly random combinations of letters and numbers may also be suspicious.
  • Check the content
    Badly written emails with spelling mistakes and other small errors should arouse suspicion.
  • Check with the Service
    Desk If in doubt, email the Service Desk. They will let you know whether something is safe to open or click on. It's better to be safe than sorry.