Governments release joint advisory on top cyber vulnerabilities

Jul 28, 2021 - 02:37 PM
Cybersecurity Lock on Gold Wall

The U.S. Cybersecurity and Infrastructure Security Agency and FBI, Australian Cyber Security Centre, and United Kingdom National Cyber Security Centre today released an advisory detailing the top 30 cyber vulnerabilities in 2020 and 2021. 

“Organizations are encouraged to remediate or mitigate vulnerabilities as quickly as possible to reduce the risk of exploitation,” the advisory states. “Most can be remediated by patching and updating systems. Organizations that have not remediated these vulnerabilities should investigate for the presence of [indicators of compromise] and, if compromised, initiate incident response and recovery plans.”

John Riggi, AHA senior advisor for cybersecurity and risk, said, “This advisory is very important for a number of reasons. First, it clearly demonstrates that our cyber adversaries are most likely to exploit well-known vulnerabilities for which patches already exist. They are simply trying to beat us in the never-ending race to patch. This advisory also highlights the necessity of having an effective patch management program, especially as it relates to medical devices. On the plus side, this rare joint U.S., U.K. and Australian cyber advisory demonstrates the significantly increased level of cooperation and intelligence exchange in cyber defense among allied nations. No doubt the information contained in this advisory is of high confidence and should be acted upon immediately.”

For further information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org.
 

Related News Articles

Headline
Medical technology company Stryker disrupted globally by cyberattack
Stryker, a medical technology company that provides services and products for hospitals, was disrupted globally by a cyberattack, the company announced March…
Headline
White House issues executive order addressing cybercrime by threat groups
The White House issued an executive order March 6 to combat cybercrimes by threat groups. The order highlights how such groups can receive willing or…
Headline
ASPR releases cybersecurity module to conduct risk assessments 
The Administration for Strategic Preparedness and Response has released a new cybersecurity module for organizations to conduct risk assessments. The free…
Perspective
Staying Cyber Alert and Cyber Ready
Public
As the world has learned in recent years, today’s conflicts are fought with many weapons, and cyber warfare is an integral part of the arsenal.As of this…
Headline
FBI reminds of potentially malicious activity by Iranian cyber actors
The FBI is reminding critical infrastructure organizations to implement mitigations from a June 2025 fact sheet on potential actions by Iranian-affiliated…
Headline
CISA report updates findings on RESURGE malware attacks
The Cybersecurity and Infrastructure Security Agency Feb. 26 released a report that updates findings from last year on RESURGE malware used to gain covert…