The Australian Cyber Security Centre, the UK National Cyber Security Centre, the US’s Cybersecurity and Infrastructure Security Agency, and the Federal Bureau of Investigation have joined forces to release a warning to businesses about how their systems could be hacked. The weaknesses are based on systems allowing people to work remotely, such as remote networks, virtual private networks, and cloud-based technologies. The warning highlighted the main Common Vulnerabilities and Exposures (CVEs) regularly exploited by cyber actors in 2020 and how the same vulnerabilities are being exploited in 2021.
The increase in people working from home to slow the spread of COVID-19 has increased the risk of systems being compromised. This is due to people using unpatched and outdated software that is used to help staff connect to their colleagues and workplaces, leaving them open for attack from malicious actors. Ms Abigail Bradshaw CSC, Head of the Australian Cyber Security Centre, said “This advisory complements our advice available through cyber.gov.au and underscores the determination of the ACSC and our partner agencies to collaboratively combat malicious cyber activity.”
Malicious cyber actors will usually use older known vulnerabilities as many devices and systems are remaining unpatched. The growth of remote work options during 2020 challenged organisations to conduct thorough patch management. In 2021, malicious cyber actors are targeting perimeter-type devices such as firewalls. It is recommended that organisations apply the available patches for the 30 vulnerabilities listed in the advisory and put a centralised patch management system in place. The most exploited in 2021 include vulnerabilities in VMWare, Fortinet, Accellion, Microsoft Exchange and Pulse Secure.
For support and resources on how to mitigate remediate these vulnerabilities, please contact NSI Global Counter Intelligence us on 1300 000 674.