The Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), the UK’s National Cyber Security Centre (NCSC) and the FBI released a joint cyber security advisory highlighting the top common vulnerabilities and exposures (CVEs) routinely exploited by cyber actors in 2020 and vulnerabilities being widely exploited this year.
One of the key findings is that four of the most targeted vulnerabilities in 2020 involved remote work, VPNs, or cloud-based technologies. Many VPN gateway devices remained unpatched during 2020, with the growth of remote work options due to the COVID-19 pandemic challenging the ability of organisations to conduct rigorous patch management.
This year, malicious cyber actors continued to target vulnerabilities in perimeter-type devices.
According to Eric Goldstein, executive assistant director for cybersecurity at CISA, organisations that apply cyber security best practices such as patching can reduce the risk of cyber actors exploiting known vulnerabilities in their networks.
“In cyber security, getting the basics right is often most important,” Goldstein said.
“Collaboration is a crucial part of CISA’s work and today we partnered with ACSC, NCSC and FBI to highlight cyber vulnerabilities that public and private organisations should prioritise for patching to minimise risk of being exploited by malicious actors.”
Abigail Bradshaw CSC, head of the Australian Cyber Security Centre, added that the advisory’s guidance will help network defenders and organisations lift their collective defences against cyber threats.
“This advisory complements our advice available through cyber.gov.au and underscores the determination of the ACSC and our partner agencies to collaboratively combat malicious cyber activity,” Bradshaw said.
Cyber actors continue to exploit publicly known, and often dated software vulnerabilities against broad target sets, including public and private sector organisations worldwide.
The multi-national cyber security advisory recommends that organisations apply the available patches for the 30 vulnerabilities it lists and implement a centralised patch management system.
The allied members of the joint cyber security advisory are committed to raising awareness of global cyber weaknesses by working together, according to Paul Chichester, NCSC director of operations.
“The advisory published today puts the power in every organisation’s hand to fix the most common vulnerabilities, such as unpatched VPN gateway devices,” Chichester said.
“Working with our international partners, we will continue to raise awareness of the threats posed by those that seek to cause harm.”
The advisory has directed public and private sector partners to the support and resources available to mitigate and remediate these vulnerabilities from each agency, as well as from other government and industry partners.
One of the most effective best practices to mitigate many vulnerabilities is to update software once patches are available and as soon as is practicable.
Focusing cyber defence resources on patching the vulnerabilities that malicious cyber actors most often exploit should be ingrained in the culture of every organisation, according to the joint advisory.
The advisory also listed the vendors, products and CVEs associated with the key vulnerabilities identified, which organisations should urgently patch.
Bryan Vorndran, FBI’s cyber assistant director, added that working together is key.
“We firmly believe that coordination and collaboration with our federal and private sector partners will ensure a safer cyber environment to decrease the opportunity for these actors to succeed,” Vorndran said.
“The FBI remains committed to sharing information with public and private organisations in an effort to prevent malicious cyber actors from exploiting vulnerabilities.”
CISA, ACSC, NCSC and FBI encourage organisations that have not yet remediated these vulnerabilities to investigate for the presence of indicators of compromise listed in the advisory.
Also see the joint advisory from Australia, Canada, New Zealand, the UK and the US on Technical Approaches to Uncovering and Remediating Malicious Activity, and the ACSC’s Essential Eight mitigation strategies.