In this edition of cyber news roundup, we’ll be looking at the continuing cyber threat to health and education sectors, the risks that app stores pose to users, and 2021’s most exploited vulnerabilities.
Risks Posed to Education and Health Sectors
From statistics published by the ICO, the health and education sectors are facing a large number of dangerous cyber attacks. A worrying statistic that has come from a cyber security report conducted by CybSafe tells us that of all of the incidents reported last year, 34% were from the education and health sectors, which is higher than 2020’s figure. The same report also found that the education sector in particular has seen a 19% increase in cyber threats in that time.
The report also looked at the most common types of cyber attacks, and as has been a common theme across our time discussing cyber threats, phishing poses the biggest threat to organisations, whilst ransomware is becoming a bigger and bigger threat to all organisations as time goes on.
The NCSC has published various resources that schools can use to help stay protected against cyber threats, which I'll provide links for below.
Cyber Security in Schools: questions for governors and trustees
Application Store Risks
A new report has been published jointly by The NCSC and the Department for Digital, Culture, Media and Sports on the cyber risks associated with app stores. You can find the full report by clicking here.
With the vast majority of the population using smartphones and smart devices, app stores are being used to download apps for consumers to use. This poses a certain level of risk, as developers can make apps to publish on stores for people to then download. With there being various smartphone providers and therefore numerous app stores, the risks need to be fully understood so that breaches and cyber attacks can be prevented.
We encourage you to take a look at the full report, as it provides guidance on how we can protect ourselves against the threats posed by application stores, and ensure that we are using them safely.
Top Exploited Vulnerabilities in 2021
An advisory has recently been published by the UK along with the US, Canada, Australia, and New Zealand which looks at the 15 most exploited vulnerabilities in 2021. Malicious actors aggressively targeted newly disclosed critical software vulnerabilities across the public and private sector worldwide. In addition to this, they also targeted ‘internet-facing systems’ like email and VPN servers. Older vulnerabilities were also targeted according to the advisory (albeit to a lesser extent).
You can read the full advisory by clicking here.