The Five Eyes Alliance, an intelligence-sharing network comprising Australia, the United Kingdom (UK), the United States (US), Canada, and New Zealand, issued a warning on Wednesday regarding cybersecurity vulnerabilities that hackers could exploit after recent cyber attacks orchestrated by China.
In a joint statement with its sister agencies, the Australian Cyber Security Centre (ACSC) issued “advice on the top 30 cybersecurity vulnerabilities exploited by hackers over the past 18 months.” The five agencies also warned of increased opportunities for cyber attackers using remote work options, including virtual private networks (VPNs) and cloud-based services. In addition, they referred to last year’s four most targeted vulnerabilities related to remote work options.
ACSC chief Abigail Bradshaw said, “Malicious cyberattackers would continue exploiting weaknesses in everyday products, including Microsoft Office unless vulnerabilities are urgently addressed.” Likewise, Eric Goldstein from the US cybersecurity agency said, “Organisations that apply the best practices of cybersecurity, such as “patching”, can reduce their risk to cyber actors exploiting known vulnerabilities in their networks.”
The warning comes after a series of cyberattacks by China’s Ministry of State Security, including one on Microsoft Exchange software earlier this year. The cyber threats also included a ransomware attack by Chinese government-affiliated hackers who demanded millions of dollars from their targeted victims in the US and elsewhere. Several international actors, including the US, the UK, New Zealand, Australia, and the European Union, condemned the ransomware attacks and accused Beijing of coordinating cyberattacks and hiring organised criminals to steal intellectual property. Concerning this, the Australian government released a statement saying: “These actions have undermined international stability and security by opening the door to a range of other actors, including cybercriminals, who continue to exploit this vulnerability for illicit gain.”
However, the Chinese embassy in Australia refuted the allegations. It said, “Australia also has a poor record, including monitoring the mobile phone of the president of its biggest neighbour country, not to mention acting as an accomplice for the US’s eavesdropping activities under the framework of Five Eyes alliance.”
Earlier this year, the Five Eyes Alliance also caused some tension between Australia and New Zealand after the latter objected to “expanding the remit” of the intelligence-sharing network and expressed concern about using it to put pressure on China. Regarding this, New Zealand’s Foreign Minister, Nanaia Mahuta, said, “We are uncomfortable with expanding the remit of the Five Eyes. We would much rather prefer to look for multilateral opportunities to express our interests on several issues.” However, New Zealand now appears to have somewhat relaxed its position, as evidenced by the most recent statement of the Five Eyes Alliance on Chinese-led cyberattacks.
Five Eyes Alliance Warns of Cyber Vulnerabilities After Attacks By China
The Five Eyes Alliance warned of cyber vulnerabilities that the hackers could exploit after a recent cyber attack orchestrated by China.
July 29, 2021
SOURCE: ZD NET