With UK Politics overshadowing cyber news we would like to highlight these cyber security incidents, the main events being the firing of Germany’s cyber security chief due to his ties with Russia and the release of a new report showing that UK businesses are experiencing an unprecedented number of cyber attacks.
This week’s observations from our Incident Response Team
- Following on from last week we continue to urge customers to address the CVE-2022-40684 zero-day vulnerability as the number of devices still to be patched remains high. The vulnerability impacts FortiOS versions from 7.0.0 to 7.0.6 and from 7.2.0 to 7.2.1. FortiProxy versions from 7.0.0 to 7.0.6 and 7.2.0 are also impacted. Customers that are not able to upgrade their systems should Disable HTTP/HTTPS administrative interface or Limit IP addresses that can reach it.
- According to some reports a remote code execution flaw in the Apache Commons Text Library has raised concerns that it could become the next Log4Shell. We do not believe this is anywhere close to being as concerning as that, but the new vulnerability dubbed Text4Shell should be monitored. “Text4Shell” is being poked at but it’s not thought to be anywhere near as dangerous as Log4shell was,” said Integrity 360’s Cyber Threat Response Manager Patrick Wragg.
Germany fires Cyber Security Chief
The German government fired its cyber security chief this week due to allegations that he had ‘excessively’ close ties to the Russian Federation. Arne Schönbohm was accused of having links to the members of the Russian intelligence services via an association that he helped set up. The German media dug into his links with the Russian company which was established by a former KGB agent with close ties to Vladimir Putin. The revelations were exposed on a popular German late night talk show.
Consequently, Arne was dismissed with immediate effect. The move comes as concerns increase that Russia is stepping up its cyber attacks against critical infrastructure against western nations as we enter the winter months.
Read our advisory on the Russia/Ukraine Conflict
New Report reveals that UK businesses are facing an unprecedented number of cyber attacks
A new report released by Oxford economics in conjunction with a cloud security firm has revealed that UK businesses are facing an unprecedented number of cyber attacks and that many senior executives are not confident that in their business’s ability to defend itself. The key findings of The State of Cyber Security in the UK report include –
- Organisations face an average of 24 cyber security incidents over the last 12-months. This figure increases sharply in the insurance and finance sectors.
- 47% of polled organisations cited the skills shortage as the biggest hurdle to achieving their cybersecurity goals. Read our blog on how using an MSSP can help your organisation overcome the challenges posed by the skills shortage HERE
- Phishing and malware were the threats that concerned business’s most, however only half of respondents were confident in handling these threats. Read our blog on how phishing testing can help your organization HERE
Integrity360 has proven experience working with major financial institutions and banks, helping to ensure their customers and employees always stay protected.
Get in touch to find out how you can protect your organisation itself from financial services most challenging cyber-threats.