Cyber Liabilities Advisory Advocates Resilience

Uploaded on 2021-08-17 in TECHNOLOGY--Resilience, GOVERNMENT-National, FREE TO VIEW

Government officials in the US, UK, and Australia are urging public, and private-sector organisations to secure their networks by ensuring firewalls, VPNs, and other network-perimeter devices are patched against the most widespread exploits.

The Cybersecurity and Infrastructure Security Agency (CISA) has released a Joint Cyber Security Advisory highlighting the top Common Vulnerabilities and Exposures (CVEs) routinely exploited by cyber actors in 2020 and those vulnerabilities being widely exploited thus far in 2021.

“In 2020, cyber actors readily exploited recently disclosed vulnerabilities to compromise unpatched systems. Based on available data to the US Government, a majority of the top vulnerabilities targeted in 2020 were disclosed during the past two years... The rapid shift and increased use of remote work options, such as virtual private networks (VPNs) and cloud-based environments, likely placed additional burden on cyber defenders struggling to maintain and keep pace with routine software patching,” says the Report.

The FBI, one of the agencies involved in producing the report, said that malicious actors mostly targeted remote work, virtual private networks and cloud-based technologies, with many cyber weaknesses left unpatched. In particular, cyber criminals continue to focus on using  widely known,and often dated exploits and software vulnerabilities against a wide range of target victims, in  both the public and private sectors

One of the key findings is that four of the most targeted vulnerabilities in 2020 involved remote work, VPNs, or cloud-based technologies.

  • It’s recommended that organisations apply the available patches for the 30 vulnerabilities listed in the joint cybersecurity advisory and implement a centralised patch management system.
  • Many VPN gateway devices remained unpatched during 2020, with the growth of remote work options due to the COVID-19 pandemic challenging the ability of organisations to conduct rigorous patch management.
  • In 2021, malicious cyber actors continued to target vulnerabilities in perimeter-type devices. This advisory lists the vendors, products, and CVEs associated with these vulnerabilities, which organizations should urgently patch.

"In cyber security, getting the basics right is often most important. Organisations that apply the best practices of cyber security, such as patching, can reduce their risk to cyber actors exploiting known vulnerabilities in their networks... Collaboration is a crucial part of CISA’s work and today we partnered with ACSC, NCSC, and FBI to highlight cyber vulnerabilities that public and private organisations should prioritise for patching to minimise risk of being exploited by malicious actors." said Eric Goldstein, Assistant Director for Cybersecurity at CISA.

The Joint Advisory also directs public and private sector partners to the support and resources available to mitigate and remediate these vulnerabilities from each agency, as well as from other government and industry partners. One of the most effective best practices to mitigate many vulnerabilities is to update software once patches are available and as soon as is practicable.

Focusing cyber defense resources on patching those vulnerabilities that malicious cyber actors most often use should be ingrained in the culture of every organisation. This approach offers the potential of not only bolstering network security, but also impeding the disruptive, destructive operations of our adversaries.

CISA, ACSC, NCSC, and FBI encourage organisations that have not yet addressed these vulnerabilities to look out for indicators of the numerous compromises listed in this advisory and be ready to initiate incident response and recovery plans.

The Joint Advisory  lists 13 vulnerabilities discovered this year that are also being exploited in large numbers: 

  • Microsoft Exchange: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE2021-27065
  • Pulse Secure: CVE-2021-22893, CVE-2021-22894, CVE-2021-22899, and CVE-2021-22900
  • Accellion: CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104
  • VMware: CVE-2021-21985

The advisory provides technical details for each vulnerability, mitigation guidance, and indicators of compromise to help organisations determine if they’re vulnerable or have been hacked. The advisory also provides guidance for locking down systems.

CERT-CISA:       FBI:         CISA:      Ars Technica:      ZDNet:       Defence Connect:     Wired:

You Might Also Read: 

Missing Patches Place Security At Risk:

 

« Electronic Warfare Specialists On The Frontline
An AI Can File A Patent Application »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Phoenix TS

Phoenix TS

Phoenix TS offers world-class management, computer, and IT security certification training courses.

Cyber, Space, & Intelligence Association (CSIA)

Cyber, Space, & Intelligence Association (CSIA)

CSIA focuses on issues critical to Cyber Security, Military Space and Intelligence.

UL Solutions

UL Solutions

UL Solutions is a safety, security and compliance consulting and certification company. Areas covered include cyber security.

Huntsman Security

Huntsman Security

Huntsman Security provides technology to enable real-time security monitoring and immediate visibility of advanced threats and compliance issues.

Certis

Certis

Certis is a leading advanced integrated security organisation that develops and delivers multi-disciplinary security and integrated services.

Cynerio

Cynerio

Cynerio develops cybersecurity protections for medical devices, comparing network behavior with a database of medical workflows.

Cybersecurity Professionals

Cybersecurity Professionals

Search vacancies from top cyber security jobs worldwide on CyberSecurity Professionals. View IT security jobs or upload your CV to be seen by recruiters from industry leading firms.

Solidified

Solidified

Solidified is the largest audit platform for smart contracts. Our community has the highest concentration of top Blockchain security specialists and best-in-class code auditors.

Granted Consultancy

Granted Consultancy

Granted Consultancy is a business consultancy that specialises in securing funding to support companies with the development and commercialisation of new and innovative products and technologies.

GELLIFY

GELLIFY

GELLIFY is the first innovation platform dedicated to the high-tech B2B market, supporting start-ups and companies.

DeepSeas

DeepSeas

DeepSeas is the result of a merger between Security On-Demand (SOD) and the commercial Managed Threat Services (MTS) business of Booz Allen Hamilton.

AirITSystems

AirITSystems

AirITSystems offer companies comprehensive IT security solutions that take all security considerations into account and are tailored to your business.

AgileBlue (Agile1)

AgileBlue (Agile1)

AgileBlue (formerly Agile1) is a managed breach detection company with an Autonomous SOC-as-a-Service for 24×7 monitoring, detection and guided response.

Josef Ressel Centre for Intelligent & Secure Industrial Automation

Josef Ressel Centre for Intelligent & Secure Industrial Automation

The Josef Ressel Centre for Intelligent and Secure Industrial Automation investigates the fundamentals of digital assistants for industrial machines that enable intelligent and secure operation.

Securious

Securious

If you need to improve your cyber security or achieve cyber security accreditations, Securious provide an independent service that will identify and address your issues quickly and efficiently.

Internet Initiative Japan (IIJ)

Internet Initiative Japan (IIJ)

IIJ is one of Japan's leading Internet-access and comprehensive network solutions providers.