Welcome to the latest edition of the Neu Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, malware including Ransomware and DDoS, in order to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:

 

Enterprise connected devices could widen cyber attacks

Enterprise Connected Devices (ECDs) refer to any device which interacts with, holds, or processes an organisation’s data. As a result of the broad range of devices, ECDs can encompass other devices depending on their use. They can cross over to multiple other device classes, including End-user devices, the Internet of things, and Distinct ECDs.

These mainly refer to laptops and computers, phones, the devices connected to the Internet, and specialist equipment that may not always be available to the public.

With the growing number of items and devices that require access to the Internet and the amount of use they get every day, the risk increases. These devices are an excellent target for potential criminal activity as they are likely to hold confidential data, either private or work-based.

This can lead to lateral movement from one device to another over the network. Therefore it is crucial to have all devices protected and catalogued so that they can be monitored and any devices other than those meant for work can be removed from the environment.

To minimise this threat, use only the necessary devices at your offices and protect your network connection and devices in the best way you can.

An in-depth look into enterprise devices can be found published by the NCSC: Organisational use of Enterprise Connected Devices – NCSC.GOV.UK

CVE-2022-1388 BIG-IP iControl REST vulnerability

The NCSC is aware of a vulnerability affecting the F5 BIG-IP iControl REST interface.

This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services.

The NCSC recommends following vendor best practice advice in the mitigation of vulnerabilities. This involves getting the latest updates completed as soon as possible.

More information and temporary mitigations can be found on the F5 website.

Potential escalation from Russia could still impact businesses

While any major attacks have not yet taken place in the UK, there is still potential for escalation by Russian cyber attackers or by individuals who are sympathetic to Russia.

High ranking cyber officials from the US have declared their worries surrounding the potential attacks and warned businesses and governments to steel their defences against any threats that may come their way.

The main threat that Russian hackers have been using is deploying numerous viruses to wipe computer systems and data backups.

The main reason for the warning is that while the attacks were expected at the start of the invasion, the threat of sanctions and retaliatory strikes may have delayed any attack. However, as sanctions begin to bite, the hackers may turn to UK and EU businesses.

Utilising an effective anti-virus and training end-users will be vital in stopping any attacks that could come your way – it is essential to stay vigilant in the face of the constant cyber conflicts in the world.

If you are concerned about any cyber security issues within your business, contact us today on 01283 753 333 or email hello@neuways.com.