Cyber Campaign Exploiting Established Vulnerabilities – Technologist

Organisations are urged to strengthen their cyber defences and follow the guidance outlined in the latest advisory from the UK’s National Cyber Security Centre (NCSC) and US agencies. The advisory warns businesses about a cyber campaign exploiting established vulnerabilities in software.

A cyber campaign is exploiting established vulnerabilities

UK and US cyber authorities warn of large-scale vulnerability exploitation by Russian cyber actors linked to Russia’s Foreign Intelligence Service (SVR). Organisations are advised to swiftly apply patches and prioritise software updates to block potential access from these threat actors.

The NCSC, in collaboration with US counterparts, has released new guidance highlighting the SVR’s use of these vulnerabilities to collect intelligence and carry out future cyber security operations, including efforts supporting Russia’s ongoing invasion of Ukraine.

The advisory outlines that SVR actors, also known as APT29, are engaged in a widespread campaign to exploit more than 20 known vulnerabilities. Their targets fall into two categories: “targets of intent” and “targets of opportunity.”

Who are the targets?

Government bodies, diplomatic entities, think tanks, tech firms, and financial institutions globally, including in the UK, are among the targets of intent.

Targets of opportunity are found by scanning for unpatched systems at scale, and can include any organisation with exposed vulnerabilities.

Once access is gained, SVR cyber actors can escalate their operations within the compromised network or move laterally into connected systems, such as supply chains.

What has the NCSC said?

Paul Chichester, NCSC Director of Operations, stated:

“Russian cyber actors are highly skilled at exploiting unpatched systems across various sectors. Once inside, they leverage this access to further their goals. We strongly encourage all organisations to follow the advisory’s recommendations and prioritise applying patches and updates.”

Are there any other cyber campaigns exploiting established vulnerabilities?

Any UK organisation impacted by the vulnerabilities outlined should promptly notify the NCSC.

Earlier this year, the NCSC exposed how SVR-linked actors have adjusted their methods in response to the growing shift towards cloud-based infrastructure. These cyber actors have previously been linked to the SolarWinds supply chain breach and the targeting of COVID-19 vaccine development.

The NCSC, the FBI, and the NSA have issued this joint advisory.

For help with managed cyber security services, speak to Neuways.
