News | UK

Many widely exploited hacks known to public for two years, cyber agencies warn

Cyber experts from the UK, US and Australia believe increased homeworking over lockdown may have contributed to the problem.
Cyber experts from the UK, US and Australia believe increased homeworking over lockdown may have contributed to vulnerabilities being exploited by hackers (Yui Mok/PA)
PA Wire
Jamie Harris28 July 2021

Cybersecurity agencies have revealed the top 30 vulnerabilities exploited by hackers last year in a fresh warning to organisations.

The UK and allies in the US and Australia said most exposures were already publicly known during the past two years and are often due to dated software.

Experts believe increased homeworking could be partly to blame for some more recently disclosed software flaws, making it harder for firms to roll out routine patches.

The most targeted vulnerabilities affected remote work, virtual private networks (VPNs), or cloud-based technologies, they said.

The group warned that in 2021 malicious cyber actors have continued to target vulnerabilities in common software by Microsoft Pulse, Accellion, VMware, and Fortinet.

This includes the high-profile Microsoft Exchange mail server vulnerability, which affected at least 30,000 organisations around the world.

It comes after Lindy Cameron, head of the National Cyber Security Centre (NCSC), which is part of GCHQ recently stressed that ransomware attacks are the key cyber threat facing the UK, and urged the public and businesses to take it seriously.

Paul Chichester, director for operations at the NCSC, said: “We are committed to working with allies to raise awareness of global cyber weaknesses – and present easily actionable solutions to mitigate them.

“The advisory published today puts the power in every organisation’s hands to fix the most common vulnerabilities, such as unpatched VPN gateway devices.

Read More

Sam Kerr pleads not guilty to racially aggravated harassment of a police officer

Sam Kerr pleads not guilty to racially aggravated harassment of a police officer

Kylie Minogue honoured with Brit Awards global icon gong

Kylie Minogue honoured with Brit Awards global icon gong

BBC buys out ITV from BritBox International in £255m deal

BBC buys out ITV from BritBox International in £255m deal

Sponsored
What you need to know when buying a pre-loved electric car

What you need to know when buying a pre-loved electric car

“Working with our international partners, we will continue to raise awareness of the threats posed by those that seek to cause harm.”

Bryan Vorndran, cyber assistant director at the FBI said: “The FBI remains committed to sharing information with public and private organisations in an effort to prevent malicious cyber actors from exploiting vulnerabilities.

“We firmly believe that co-ordination and collaboration with our federal and private sector partners will ensure a safer cyber environment to decrease the opportunity for these actors to succeed.”

Create a FREE account to continue reading

eros

Registration is a free and easy way to support our journalism.

Join our community where you can: comment on stories; sign up to newsletters; enter competitions and access content on our app.

Your email address

Must be at least 6 characters, include an upper and lower case character and a number

You must be at least 18 years old to create an account

* Required fields

Already have an account? SIGN IN

By clicking Sign up you confirm that your data has been entered correctly and you have read and agree to our Terms of use , Cookie policy and Privacy notice .

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in

MORE ABOUT

Australia
Microsoft
FBI
GCHQ