The CERT-In: They are linked to Improper Access Control and allow a remote attacker to access meetings in stealth.
The UK NCSC: The country in the near future could suffer a life-threatening “category 1” cyber emergency. The Centre faces every week around 10 cyber attacks attempts, the majority of these perpetrated from within nation states
The United Kingdom in the near future could suffer a life-threatening “category 1” cyber emergency. It has been warned by the UK National Cyber Security Centre (NCSC) director, Ciaran Martin, introducing the The NCSC’s annual review. “I remain in little doubt we will be tested to the full, as a centre, and as a nation, by a major incident at some point in the years ahead, what we would call a category 1 attack,” he explained in relation of the around 10 cyber attacks attempts that every week the Centre repels. “The majority of these incidents were, we believe, perpetrated from within nation states in some way hostile to the UK,” Martin added. “They were undertaken by groups of computer hackers directed, sponsored or tolerated by the governments of those countries. These groups constitute the most acute and direct cyber threat to our national security.”
Ciaran Martin: The risks for the UK cyber security are not only from state-sponsored hackers, like the Russians. But also from the cybercrime
For the UK NCSC, a “category” 1 incident is a cyber attack which causes “sustained disruption” of essential services or affects national security, leading to severe economic or social consequences, or to loss of life. Until now, fortunately, the Great Britain never experienced this cathegory of event. But the Centre in two years of activities have already dealt with 1,167 cyber incidents. One of the top threat actor, as London accused the GRU of being behind a cyber attacks campaigns, is Russia. But not only. Martin in fact, stressed there is “much, much more” to the cyber security threat faced by the UK than just Russia. While nation state activity represents the most acute danger, low-sophistication but high-volume cybercrime is the “most chronic” one.