Cyber security news roundup: December 2021

Published on: 5 Jan 2022

We're rounding up some of the biggest cyber security stories of the past few weeks. In December, a major new software vulnerability was uncovered, predictions were made for the coming year in cyber security, and hacking attacks on the UK Ministry of Defence (MoD) and carmaker Volvo were revealed.

'Cyberdemic' set to continue into 2022

A new forecast has warned that the wave of cyber attacks seeking to take advantage of shifts in working patterns brought on by the pandemic will continue long into 2022.

Research by Experian named vulnerabilities caused by remote or hybrid working as one of the top threats for the year ahead, along with attacks on infrastructure and cyber criminals looking to take advantage of continued supply chain disruptions.

Michael Bruemmer, global vice-president of Experian Data Breach Resolution, said: "Businesses must increase their focus and move past simply catching up to the 'new normal'... Security professionals need to shore up security protocols and have data breach response plans in place - especially for ransomware - should a breach occur."

Businesses urged to mitigate against new Log4j vulnerability

A newly discovered vulnerability in Apache's Log4j Java logging library could put many firms at risk unless they move quickly to apply patches. The weakness could allow hackers to take control of vulnerable systems remotely, letting them steal passwords and logins, extract data, and infect networks with malicious software.

Log4j is used in a wide range of web applications for logging activity and is found across software applications and online services. As the vulnerability requires very little expertise to exploit, it has been described by the National Cyber Security Centre (NCSC) as "potentially the most severe computer vulnerability in years".

Apache has rushed to release patches for the flaw, but it will be incumbent on IT professionals to implement them across their systems. The NCSC urged all businesses to check their systems for the use of Log4j - which, in many cases, they may not even be aware they use - and to contact their software vendors.

'Significant damage' caused in attack on UK's Defence Academy

A cyber attack aimed at the UK's Defence Academy in 2021 caused a significant amount of damage and forced the organisation to undergo a major rebuild of its network, a retired officer has revealed.

Air Marshal Edward Stringer said the attack was discovered in March and, while it was ultimately unsuccessful, there were significant costs involved while the damage was rectified. Speaking to Sky News, he said the alarm was raised by contractors working for outsourcing firm Serco, who spotted "external agents on our network who looked like they were there for what looked pretty quickly like nefarious reasons".

He speculated the hackers may have been attempting to use the school - which trains 28,000 military personnel, diplomats and civil servants a year - as a backdoor into other MoD networks. There was no indication of who may be responsible, but the incident highlighted the risk posed to any organisation with connections to potentially sensitive networks.

Employee burnout putting businesses at risk of cyber attack

A high level of burnout among cyber security professionals and other employees could be leaving businesses vulnerable to hacking attacks, new research has warned.

A study by security firm 1Password found challenges such as remote working are leaving staff members less likely to pay attention to guidelines, with apathetic workers three times more likely to ignore suggested best practices, for example by using easy-to-guess passwords or downloading software and apps without IT's express permission.

The research warned cyber security pros are not immune to this, with 84 per cent of these professionals feeling burned out. Jeff Shiner, chief executive officer at 1Password, commented: "It's particularly surprising to find that burned-out security leaders, charged with protecting businesses, are doing a far worse job of following security guidelines – and putting companies at risk".

Confidential data stolen in Volvo data breach

A data breach targeting automaker Volvo has resulted in the theft of valuable research and development data, highlighting that company data continues to be a key target for hackers.

In a statement, the Swedish firm said one of its file repositories had been illegally accessed by a third party. The stolen information included trade secrets, personally identifiable information, blueprints of engines and production facilities, and confidential agreements. Volvo cited "employee internal threats and external security weaknesses across the automotive supply chain" as causes of the breach, TechCrunch reports.

It appears the theft deliberately targeted this company data rather than customer or financial information and, despite the relatively small size of the breach, Volvo said there may be an impact on its operations. The breach therefore illustrates the importance of having strong security measures in place to protect these precious assets.