Many widely exploited hacks known to public for two years, cyber agencies warn

28 July 2021, 14:04

Person using a laptop
Many widely exploited hacks have been known for two years, cyber agencies warn. Picture: PA

Cyber experts from the UK, US and Australia believe increased homeworking over lockdown may have contributed to the problem.

Cybersecurity agencies have revealed the top 30 vulnerabilities exploited by hackers last year in a fresh warning to organisations.

The UK and allies in the US and Australia said most exposures were already publicly known during the past two years and are often due to dated software.

Experts believe increased homeworking could be partly to blame for some more recently disclosed software flaws, making it harder for firms to roll out routine patches.

The most targeted vulnerabilities affected remote work, virtual private networks (VPNs), or cloud-based technologies, they said.

The group warned that in 2021 malicious cyber actors have continued to target vulnerabilities in common software by Microsoft, Pulse, Accellion, VMware, and Fortinet.

This includes the high-profile Microsoft Exchange mail server vulnerability, which affected at least 30,000 organisations around the world.

It comes after Lindy Cameron, head of the National Cyber Security Centre (NCSC), which is part of GCHQ, recently stressed that ransomware attacks are the key cyber threat facing the UK, and urged the public and businesses to take it seriously.

Paul Chichester, director for operations at the NCSC, said: “We are committed to working with allies to raise awareness of global cyber weaknesses – and present easily actionable solutions to mitigate them.

“The advisory published today puts the power in every organisation’s hands to fix the most common vulnerabilities, such as unpatched VPN gateway devices.

“Working with our international partners, we will continue to raise awareness of the threats posed by those that seek to cause harm.”

Bryan Vorndran, cyber assistant director at the FBI, said: “The FBI remains committed to sharing information with public and private organisations in an effort to prevent malicious cyber actors from exploiting vulnerabilities.

“We firmly believe that co-ordination and collaboration with our federal and private sector partners will ensure a safer cyber environment to decrease the opportunity for these actors to succeed.”

By Press Association

More Technology News

See more More Technology News

People walk by the Las Vegas Convention Centre

Smart home tech, AI and cars among central themes as CES 2025 prepares to open

Mark Zuckerberg

Meta criticised over ‘chilling’ content moderation changes

A mobile phone screen

Meta ends fact-checking on Facebook and Instagram in favour of community notes

An Apple phone

Apple to update AI tools after BBC complaint over inaccurate news alerts

Meta is ditching its fact-checking service

Meta ditches fact-checking on Facebook and Instagram in favour of X-style 'community notes'

A wallet with bank cards cash

35% of young adults ‘are concerned about their finances on a daily basis’

Broadcaster Cathy Newman at the Women of The Year Lunch and Awards 2019 in London

‘Haunting’ to see deepfake pornography of myself, says journalist Cathy Newman

A laptop user with their hood up

Ministers to crack down on deepfakes and sharing of illicit intimate images

Elvie Rise smart baby bouncer

British tech firm Elvie unveils smart baby bouncer

The phone maker first introduced its suite of generative AI tools a year ago (David Parry/PA)

More than four million people in the UK using Samsung Galaxy AI tools, firm says

Critics of AI have raised concerns about the technology's potential impact on the job market (Michael Dwyer/AP)

OpenAI is ready to focus on ‘superintelligence’, boss Sam Altman says

CES 2025 signage

CES ‘doesn’t have the same support’ from the UK as other nations, show boss says

Health Secretary Wes Streeting told MPs he believes in 'different courses for different horses' (PA)

Use of NHS app will ‘free up phone line’ for elderly lacking tech skills

CES 2025 Preview

CES 2025: AI-powered beauty mirrors and robot pets among gadgets on display

The firm said it would begin a pilot of the new system with a L'Oreal brand in stores in Asia later in 2025. (L'Oreal)

New L’Oreal skin analysis tool can help predict aging and cosmetic issues

Samsung's Vision AI smart assistant, which are built into Samsung's TVs to act as a virtual assistant

Samsung unveils plans to turn TVs into AI assistants

More Tech News

See more More Tech News

The game developer has been fighting big tech firms for years over anti-competitive behaviour on their app stores (AP)

Epic Games sues Google and Samsung over anti-competition collusion claims

A woman using a mobile phone

Nearly a quarter of adults feel digitally excluded, survey finds

Minister for Justice Helen McEntee

Internet companies could face huge fines over content glorifying terrorism

GCHQ

UK issues alert over threat from cyber attackers working for Iranian state

An Amazon sign at the fulfillment centre in Hemel Hempstead, Hertfordshire

Competition regulator clears Amazon’s partnership with AI firm Anthropic

Meta logo on sign outside building

Meta fined 91m euro over password breach

Latest UK News

See more Latest UK News

James Bond star who acted alongside Pierce Brosnan is dead at 80

James Bond star who acted alongside Pierce Brosnan dead at 80

Trump says US 'needs Greenland for national security purposes’ - as he vows to rename Gulf of Mexico 'Gulf of America'

Trump says US 'needs Greenland for national security purposes’ - as he vows to rename Gulf of Mexico 'Gulf of America'
Tullulah-Belle, 16, Lily, 13, and George, 15, were last seen at around 5pm on January 4.

Fears grow as police seek public's help in hunt for three missing siblings aged 13, 15 & 16
v

Change is finally on the horizon as UK to criminalise sexually explicit 'deepfakes' - and victims deserve nothing less
Critical incidents declared in hospitals

Several NHS trusts in England declare critical incidents: Is your hospital one of those affected?
x

Ed Davey urges Starmer to appeal to Trump over Musk comments about overthrowing UK government

More Topics

See more More Topics

War in Ukraine

Cost of Living Crisis

UK Strikes

Immigration

Crime & Police

London

NHS

Royal News