(PatriotWise.com)- Following the disclosure of more than 20,000 common vulnerabilities and exposures (CVEs) in 2021, the US and its allies are assisting organizations in prioritizing and mitigating the most exploited vulnerabilities.
The National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the National Cyber Security Centre (NCSC-UK) released a joint Cybersecurity Advisory on the top 15 common vulnerabilities and exposures (CVEs) routinely exploited by malicious actors.
Malicious cyber actors aggressively targeted newly disclosed critical software vulnerabilities against a wide range of targets in 2021, including both public and private sector organizations around the world. To reduce the risk and impact of these actors exploiting vulnerabilities, the agencies recommend prioritizing and strengthening:
Vulnerability and configuration management, which includes timely updates to software, operating systems, applications, and firmware; a centralized patch management system; and the replacement of end-of-life software.
Identity and access management, which includes requiring all users to utilize multifactor authentication (MFA) regardless of location; requiring employees doing remote work to use strong passwords if MFA is not available; and reviewing, validating, or removing privileged accounts on a regular basis.
Protective controls and architecture, which include properly configuring and securing internet-facing network devices, disabling unused or unnecessary network ports and protocols, encrypting network traffic, and disabling unused network services and devices.
CISA Director Jen Easterly said that they know that malicious cyber actors return to what works, which means they target these same important software vulnerabilities and will continue to do so until corporations and organizations address them. CISA and its partners are issuing this advice to raise awareness about the dangers that the most widely exploited vulnerabilities bring to both public and private sector networks.
Easterly strongly advises that all businesses evaluate their vulnerability management processes and take steps to limit the risk posed by exploitation of known vulnerabilities.
FBI Cyber Division Assistant Director Bryan Vorndran said that the FBI, in collaboration with federal and international partners, is sharing this information in order to better equip our private sector partners and the general public to defend their networks against adversary cyber threats. While the FBI will continue to seek and prevent malicious cyber activity, we need your assistance. We strongly urge private sector enterprises and the general public to take these steps to mitigate dangers from known vulnerabilities, and if you suspect you have been a victim of a cyber attack, contact your local FBI field office.
NSA Cybersecurity Director Rob Joyce said that this research should serve as a warning to enterprises that bad actors don’t need sophisticated tools to attack publicly known vulnerabilities. Because these CVEs are actively exploited, he urged organizations to get a handle on mitigations or patches.
Abigail Bradshaw, Head of the Australian Cyber Security Centre, said that malicious cyber actors continue to attack private and public networks around the world using known and dated software vulnerabilities. To guarantee a safer online environment for everyone, the ACSC is committed to providing cyber security advice and sharing threat information with our partners. Organizations can protect themselves by implementing the effective mitigations mentioned in this advisory.
Sami Khoury, Director of the Canadian Centre for Cyber Security, said that cyber security best practices, such as patch management, are critical tools for enterprises to better protect themselves against malicious threat actors. We recommend that all companies take action against known and commonly exploited vulnerabilities and make themselves more secure by following the mitigations outlined in this report.
Malicious cyber actors used recently disclosed vulnerabilities to target internet-facing systems, such as email servers and virtual private network (VPN) servers, around the world. To a lesser extent, these actors also exploited older, publicly known software vulnerabilities in 2021, some of which were already recognized as commonly exploited in 2020 or earlier.