• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

UK Government Department Using Unsupported Applications, Reveals Watchdog

You are here: Home / General Cyber Security News / UK Government Department Using Unsupported Applications, Reveals Watchdog
December 7, 2022

A key UK federal government section is relying on getting old technology and IT infrastructure, therefore decreasing the resiliency of crucial services and increasing the risk of cyber-attacks, a new report has found.

Just about a 3rd (30%) of applications applied by the Department for Environment, Meals and Rural Affairs (Defra) are unsupported, which means security or software package updates are no extended becoming issued for them, an investigation by the National Audit Place of work (NAO), the UK’s unbiased general public shelling out watchdog, exposed.

Defra is the governing administration department dependable for numerous critical environmental solutions, such as sickness avoidance, flood defense and air high-quality. A main cyber incident could have critical societal outcomes.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


The NAO’s investigation concluded that when Defra is taking measures to handle urgent service dangers and vulnerabilities in its digital methods, “it does not have a plan for the wider digital transformation that is required.”

In addition, the NAO observed that it was not until the government’s 2021 paying overview that the division was given the needed funding to tackle the issue in a strategic and prepared way, with £366m ($445m) offered for IT investment decision in the time period 2022-2025.

Considering the fact that getting this funding, Defra has begun generating development on tackling its most urgent electronic legacy issues. However, “the further cash are not sufficient to cut down threats to an satisfactory stage, nor fund a broader electronic transformation,” in accordance to the NAO.

The report extra that the section and its affiliated arm’s length bodies are not expecting to deal with its legacy units right up until 2030.

The new evaluation adopted an investigation carried out by the NAO in July 2021, which recognized IT legacy techniques as just one of six key regions of issue across government.

Gareth Davies, head of the NAO, commented: “Government proceeds to depend on many outdated IT methods at sizeable cost. Defra faces a specifically challenging process in replacing its legacy programs and has begun to tackle it in a structured way. The complete possible of technology in improving upon general public services and lessening cost to the taxpayer can only be accessed if this method and others like it across authorities are shipped proficiently.”

Reacting to the information, Raghu Nandakumara, head of market methods at Illumio, reported: “It’s regarding that a large proportion of governing administration units are becoming left susceptible to attack, especially with ransomware so prevalent. But it’s also not shocking.”

He extra that numerous large businesses have a large quantity of legacy infrastructure that can take a prolonged time to retire or patch. In these cases, it is vital ways are taken to cut down the risk of these kinds of devices getting exploited. “At a pretty least, this implies limiting access to systems and services with recognized vulnerabilities and imposing a tactic of the very least privilege,” he said.

Ed Williams, EMEA director of SpiderLabs at Trustwave, said that unsupported technology is one particular of the most important security problems for businesses currently.

“Technical financial debt for big intricate corporations compounds year on 12 months, every single exertion need to be produced to take away unsupported technology and to insert resiliency to companies by good asset administration, regular vulnerability scanning (both of those inner and external) and a sturdy pen check program,” he mentioned.  

Defra has not but responded to the NAO’s findings.


Some components of this write-up are sourced from:
www.infosecurity-magazine.com

Previous Post: «russian hackers spotted targeting u.s. military weapons and hardware supplier Russian Hackers Spotted Targeting U.S. Military Weapons and Hardware Supplier
Next Post: Chinese Hackers Using Russo-Ukrainian War Decoys to Target APAC and European Entities chinese hackers using russo ukrainian war decoys to target apac and»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Qilin Ransomware Adds “Call Lawyer” Feature to Pressure Victims for Larger Ransoms
  • Iran’s State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist
  • 6 Steps to 24/7 In-House SOC Success
  • Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider
  • 67 Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
  • New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud and NFC Theft
  • BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with MacOS Backdoor Malware
  • Secure Vibe Coding: The Complete New Guide
  • Uncover LOTS Attacks Hiding in Trusted Tools — Learn How in This Free Expert Session
  • Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign

Copyright © TheCyberSecurity.News, All Rights Reserved.