US, UK, and Australia issue joint cybersecurity advisory

A joint report published by the US, UK, and Australian cybersecurity agencies warns of the top routinely exploited vulnerabilities in 2020

The Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) published a joint advisory highlighting 30 vulnerabilities routinely exploited by cyber actors in 2020 and those being exploited in 2021.

The advisory found that four of the most targeted vulnerabilities in 2020 involved remote work, VPNs, or cloud-based technologies. Many VPN gateway devices remained unpatched throughout 2020, as the rapid growth of remote work during the COVID-19 pandemic strained organisations' ability to carry out rigorous patch management.

In 2021, malicious cyber actors continued to target vulnerabilities in perimeter-type devices. The new advisory lists the vendors, products, and CVEs associated with these vulnerabilities, which organisations should patch urgently. Widely used software from Microsoft, Pulse, Accellion, VMware, and Fortinet was targeted, including the high-profile Microsoft Exchange mail server vulnerability, which affected at least 30,000 organisations around the world.

Minimising risk of being exploited

“In cybersecurity, getting the basics right is often most important. Organisations that apply the best practices of cybersecurity, such as patching, can reduce their risk to cyber actors exploiting known vulnerabilities in their networks,” said Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA. “Collaboration is a crucial part of CISA’s work and today we partnered with ACSC, NCSC and FBI to highlight cyber vulnerabilities that public and private organisations should prioritise for patching to minimise risk of being exploited by malicious actors.”

The widespread reliance on VPNs during the pandemic has led to calls for greater adoption of zero-trust principles by governments and others. Zero trust has also been a foundation of the Biden Administration’s response to the Colonial Pipeline ransomware attack.

FBI Cyber Assistant Director, Bryan Vorndran, said: “The FBI remains committed to sharing information with public and private organisations in an effort to prevent malicious cyber actors from exploiting vulnerabilities.

“We firmly believe that coordination and collaboration with our federal and private sector partners will ensure a safer cyber environment to decrease the opportunity for these actors to succeed.”

The agencies say one of the most effective practices for mitigating many of these vulnerabilities is to apply software updates as soon as patches are available and it is practicable to do so. Focusing cyber defence resources on patching the vulnerabilities that malicious cyber actors exploit most often should be ingrained in the culture of every organisation, CISA said.