Many widely exploited hacks known to public for two years, cyber agencies warn

28 July 2021, 14:04

Person using a laptop
Many widely exploited hacks have been known for two years, cyber agencies warn. Picture: PA

Cyber experts from the UK, US and Australia believe increased homeworking over lockdown may have contributed to the problem.

Cybersecurity agencies have revealed the top 30 vulnerabilities exploited by hackers last year in a fresh warning to organisations.

The UK and allies in the US and Australia said most exposures were already publicly known during the past two years and are often due to dated software.

Experts believe increased homeworking could be partly to blame for some more recently disclosed software flaws, making it harder for firms to roll out routine patches.

The most targeted vulnerabilities affected remote work, virtual private networks (VPNs), or cloud-based technologies, they said.

The group warned that in 2021 malicious cyber actors have continued to target vulnerabilities in common software by Microsoft, Pulse, Accellion, VMware, and Fortinet.

This includes the high-profile Microsoft Exchange mail server vulnerability, which affected at least 30,000 organisations around the world.

It comes after Lindy Cameron, head of the National Cyber Security Centre (NCSC), which is part of GCHQ, recently stressed that ransomware attacks are the key cyber threat facing the UK, and urged the public and businesses to take it seriously.

Paul Chichester, director for operations at the NCSC, said: “We are committed to working with allies to raise awareness of global cyber weaknesses – and present easily actionable solutions to mitigate them.

“The advisory published today puts the power in every organisation’s hands to fix the most common vulnerabilities, such as unpatched VPN gateway devices.

“Working with our international partners, we will continue to raise awareness of the threats posed by those that seek to cause harm.”

Bryan Vorndran, cyber assistant director at the FBI, said: “The FBI remains committed to sharing information with public and private organisations in an effort to prevent malicious cyber actors from exploiting vulnerabilities.

“We firmly believe that co-ordination and collaboration with our federal and private sector partners will ensure a safer cyber environment to decrease the opportunity for these actors to succeed.”

By Press Association

More Technology News

See more More Technology News

Microsoft surface tablets

Microsoft outage still causing ‘lingering issues’ with email

The Google logon on the screen of a smartphone

Google faces ÂŁ7 billion legal claim over search engine advertising

Hands on a laptop

Estimated 7m UK adults own cryptoassets, says FCA

A teenager uses his mobile phone to access social media,

Social media users ‘won’t be forced to share personal details after child ban’

Google Antitrust Remedies

US regulators seek to break up Google and force Chrome sale

Jim Chalmers gestures

Australian government rejects Musk’s claim it plans to control internet access

Graphs showing outages across Microsoft

Microsoft outage hits Teams and Outlook users

A person holds an iphone showing the app for Google chrome search engine

Apple and Google ‘should face investigation over mobile browser duopoly’

UK unveils AI cyber defence lab to combat Russian threats, as minister pledges unwavering support for Ukraine

British spies to ramp up fight against Russian cyber threats with launch of cutting-edge AI research unit

Pat McFadden

UK spies to counter Russian cyber warfare threat with new AI security lab

Openreach van

Upgrade to Openreach ultrafast full fibre broadband ‘could deliver £66bn boost’

Laptop with a virus warning on the screen

Nato countries are in a ‘hidden cyber war’ with Russia, says Liz Kendall

Pat McFadden

Russia prepared to launch cyber attacks on UK, minister to warn

A Google icon on a smartphone

Firms can use AI to help offset Budget tax hikes, says Google UK boss

Icons of social media apps, including Facebook, Instagram, YouTube and WhatsApp, are displayed on a mobile phone screen

Growing social media app vows to shake up ‘toxic’ status quo

Will Guyatt questions who is responsible for the safety of children online

Are Zuckerberg and Musk responsible for looking after my kids online?

More Tech News

See more More Tech News

Bebe King was one of the three children killed in the knife attack (Merseyside Police)

Scammers offered fake links to stream Southport victim’s funeral, police warn

The tech tycoon founded the company which became one of the biggest enterprise software firms on the planet (Yui Mok/PA)

Mike Lynch: Autonomy founder who fought to clear his name for 13 years

A hand on a laptop keyboard

Digital exclusion report warns 15% of adults do not have skills to get online

The Fianna Fail minister is set to go further to reduce the use of mobile phones in schools (Yui Mok/PA)

Minister working on plans to ban mobile phones in secondary schools

American singer Will.i.am giving a speech.

Will.i.am calls on artists to rediscover ‘secret sauce’ that makes them human

The App Store on an Apple iPhone 6s

Competition watchdog closes Apple and Google probes ahead of rules shake-up

Latest UK News

See more Latest UK News

Kiena Dawes, 23, took her own life on a railway line ‘after suffering years of abuse’

‘I was murdered’: Young mother took her own life and left note accusing her ex of 'years of abuse,' court hears
Netanyahu agrees to Lebanon ceasefire deal but warns of retaliation if Hezbollah attacks

Netanyahu agrees to Lebanon ceasefire deal but warns of retaliation if Hezbollah attacks

A ceasefire between Israel and Hezbollah is set to be approved ‘within hours’ as Prime Minister Benjamin Netanyahu presents deal to his cabinet.

Israel-Hezbollah ceasefire due to be approved ‘within hours’ as Netanyahu presents deal to his cabinet
A

Terrorist who played 'important role' in radicalisation of Manchester Arena bomber freed from prison
William Coull, the man behind the disastrous Willy Wonka experience in Glasgow, has been charged with rape.

Creator of infamous Willy Wonka experience charged with rape

The third storm of the season is set to batter the UK this evening just days after the deadly Storm Bert caused massive flooding across England and Wales.

Brace for Storm Conall: South set to be hit overnight by third storm of the season

More Topics

See more More Topics

War in Ukraine

Cost of Living Crisis

UK Strikes

Immigration

Crime & Police

London

NHS

Royal News