US, UK, and Australia issue joint cybersecurity advisory

A joint report published by the US, UK, and Australian cybersecurity agencies warns of the top routinely exploited vulnerabilities in 2020

The Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) published a joint advisory highlighting 30 vulnerabilities routinely exploited by cyber actors in 2020 and those being exploited in 2021.

It was found that four of the most targeted vulnerabilities in 2020 involved remote work, VPNs, or cloud-based technologies. Many VPN gateway devices remained unpatched during 2020, with the growth of remote work options due to the COVID-19 pandemic challenging the ability of organisations to conduct rigorous patch management. 

In 2021, malicious cyber actors continued to target vulnerabilities in perimeter-type devices. This new advisory lists the vendors, products, and CVEs associated with these vulnerabilities, which organisations should urgently patch. Some common software by Microsoft Pulse, Accellion, VMware, and Fortinet were targeted. This includes the high-profile Microsoft Exchange mail server vulnerability, which affected at least 30,000 organisations around the world.

 

Minimising risk of being exploited

 

“In cybersecurity, getting the basics right is often most important. Organisations that apply the best practices of cybersecurity, such as patching, can reduce their risk to cyber actors exploiting known vulnerabilities in their networks,” said Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA. “Collaboration is a crucial part of CISA’s work and today we partnered with ACSC, NCSC and FBI to highlight cyber vulnerabilities that public and private organisations should prioritise for patching to minimise risk of being exploited by malicious actors.”

The widespread reliance on VPNs during the pandemic has led to calls for greater adoption of zero-trust principles by governments and others. Zero trust has also been a foundation of the Biden Administration’s response to the Colonial Pipeline ransomware attack.

FBI Cyber Assistant Director, Bryan Vorndran, said: “The FBI remains committed to sharing information with public and private organisations in an effort to prevent malicious cyber actors from exploiting vulnerabilities.

“We firmly believe that coordination and collaboration with our federal and private sector partners will ensure a safer cyber environment to decrease the opportunity for these actors to succeed.”

The agencies suggest one of the most effective practices to mitigate many vulnerabilities is to update software once patches are available and as soon as is practicable. Focusing cyber defence resources on patching those vulnerabilities that malicious cyber actors most often use should be engrained in the culture of every organisation, said the CISA.

 

Share

Featured Articles

BlueVoyant's Tom Moore Talks Legal Procedure Following Hack

BlueVoyant's Tom Moore explains how companies should act with legal council following a cyber attack

GDPR: Studying the World's Strictest Security Law 6 Years On

We take a look at the history, impact, and future of GDPR to see how it has effected the cyber sphere six years after its enactment

Banking Titan Baird Gives 9 Pointers for Cyber Investors

Investment bank Baird have made nine observations from RSA Conference that investors should consider when investing in today’s cyber market

OpenText's Pillr Buy Show Acquisitions Still in its Strategy

Cyber Security

Zoom Prepares for Quantum World with Post-Quantum Encryption

Cyber Security

Tenable: Security Expertise Gap Threatening Cloud Expansion

Operational Security