Many widely exploited hacks known to public for two years, cyber agencies warn

28 July 2021, 14:04

Person using a laptop
Many widely exploited hacks have been known for two years, cyber agencies warn. Picture: PA

Cyber experts from the UK, US and Australia believe increased homeworking over lockdown may have contributed to the problem.

Cybersecurity agencies have revealed the top 30 vulnerabilities exploited by hackers last year in a fresh warning to organisations.

The UK and allies in the US and Australia said most exposures were already publicly known during the past two years and are often due to dated software.

Experts believe increased homeworking could be partly to blame for some more recently disclosed software flaws, making it harder for firms to roll out routine patches.

The most targeted vulnerabilities affected remote work, virtual private networks (VPNs), or cloud-based technologies, they said.

The group warned that in 2021 malicious cyber actors have continued to target vulnerabilities in common software by Microsoft, Pulse, Accellion, VMware, and Fortinet.

This includes the high-profile Microsoft Exchange mail server vulnerability, which affected at least 30,000 organisations around the world.

It comes after Lindy Cameron, head of the National Cyber Security Centre (NCSC), which is part of GCHQ, recently stressed that ransomware attacks are the key cyber threat facing the UK, and urged the public and businesses to take it seriously.

Paul Chichester, director for operations at the NCSC, said: “We are committed to working with allies to raise awareness of global cyber weaknesses – and present easily actionable solutions to mitigate them.

“The advisory published today puts the power in every organisation’s hands to fix the most common vulnerabilities, such as unpatched VPN gateway devices.

“Working with our international partners, we will continue to raise awareness of the threats posed by those that seek to cause harm.”

Bryan Vorndran, cyber assistant director at the FBI, said: “The FBI remains committed to sharing information with public and private organisations in an effort to prevent malicious cyber actors from exploiting vulnerabilities.

“We firmly believe that co-ordination and collaboration with our federal and private sector partners will ensure a safer cyber environment to decrease the opportunity for these actors to succeed.”

By Press Association

More Technology News

See more More Technology News

A person's hands on a laptop

UK to hold conference of developers in Silicon Valley to discuss AI safety

Man in a video conference with his team

Scientists reveal the type of virtual backgrounds associated with ‘Zoom fatigue’

Taoiseach Simon Harris (Brian Lawless/PA)

Taoiseach to meet with gardai and regulators over online safety

Several accounts on X appear to have been hacked on Wednesday evening (Dominic Lipinski/PA)

Accounts of several politicians and organisations hacked on X

Tesco Clubcard

Tesco ‘could use Clubcard data to nudge customers towards healthier choices’

A woman using a mobile phone

AI voice cloning scam warning issued by bank

A hand on a laptop keyboard

UK and allies issue cyber warning over China-backed malicious network

Home page of social media site Instagram on a smartphone

Instagram launches parental control for under-16 accounts by default

Guy's and St Thomas' have launched a new scheme which will see blood samples transported by drone (Georgie Gillard/PA)

Blood samples to be sent by drone to avoid London traffic

Icons of social media apps, including Facebook, Instagram, YouTube and WhatsApp, are displayed on a mobile phone screen

Meta to begin training AI on public posts from UK Facebook and Instagram users

TikTok on a smartphone

TikTok to begin appeal against possible US ban

The Darktrace wesbite

Darktrace set to leave London Stock Exchange at end of September

An unidentified hacker in dark hoodie performing at a comupter

UK convenes nations for talks on global cybersecurity

JLR Rover the Boston Dynamics robot dog (JLR/PA)

JLR’s new ‘Rover’ is a robotic dog employed to protect brand’s EV facility

The logo and name of the technology company OpenAI on a smarthpone

OpenAI unveils new models designed to think more before answering

A person looking at a mobile phone whose screen has been blurred

Government strengthens Online Safety Act to crack down on revenge porn

More Tech News

See more More Tech News

Charlie Nunn, the boss of Lloyds, wearing a suit and tie outisde a building

Lloyds boss says tech outages a ‘really important issue’ for bank

A woman using a mobile

Accessing GP services online could pose risk to patient safety, probe finds

Overhead view of a man using a laptop computer

AI could help two-thirds of workers with daily tasks, says study

A TikTok logo on a mobile phone screen alongside logos for other apps

TikTok fined ÂŁ1.8m over failure to provide accurate information to Ofcom

A hand pressing on laptop keys

UK competition regulator signs AI agreement with EU and US counterparts

A woman using a mobile phone

Third of UK adults use mobile contactless payments at least every month

Latest UK News

See more Latest UK News

US Secretary of Defence Lloyd Austin

Israel warned US a Lebanon operation was coming but gave no details, officials say

Joanna Page, who plays Stacey Shipman (left) and Ruth Jones, who plays Nessa Jenkins (right) during filming for the Gavin and Stacey Christmas Day special at Barry in the Vale of Glamorgan, Wales. Picture date: Wednesday September 4, 2024.

Bye Bye Barry: Gavin and Stacey completes filming in iconic Welsh town ahead of Christmas return
Lebanon pager attacks are a 'war crime' and Israel is trying to sabotage ceasefire efforts, claims Lebanese ambassador

Israel 'hits 100 targets’ in strike against Hezbollah as group’s chief brands attacks on devices a ‘declaration of war’
Prince Harry The Duke of Sussex and Meghan Markle The Duchess of Sussex celebrate their sixth wedding anniversary.

Prince Harry to return to UK for WellChild awards without Meghan Markle

Five people have been arrested on suspicion of murder

Five arrested after fatal stabbing in Teesside

David Lammy Delivers A Speech On UK Foreign Policy And The Climate Crisis

Foreign Secretary calls for immediate ceasefire between Israel and Hezbollah as he warns Brits to leave Lebanon

More Topics

See more More Topics

War in Ukraine

Cost of Living Crisis

UK Strikes

Immigration

Crime & Police

London

NHS

Brexit