The National Cyber Security Centre (NCSC) and its international partners have issued an urgent advisory highlighting the growing trend of threat actors exploiting zero-day vulnerabilities, emphasising the importance of proactive security measures.
This joint advisory has been published by NCSC (UK), the US Cybersecurity and Infrastructure Security Agency (CISA), the US Federal Bureau of Investigation (FBI), US National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NCSC-NZ), and CERT NZ.
The UK NCSC, in collaboration with cybersecurity agencies from the United States, Australia, Canada, New Zealand, and others, identified the top 15 most commonly exploited vulnerabilities of 2023. A majority of these vulnerabilities were initially targeted as zero-days—newly discovered flaws without immediate patches, allowing cybercriminals to strike high-priority targets before fixes were available.
The advisory highlights a notable shift compared to 2022, when fewer than half of the top vulnerabilities were exploited as zero-days. The rise in zero-day attacks has continued into 2024, underlining the evolving tactics of cyber adversaries.
The advisory urges organisations to stay vigilant in their vulnerability management practices, prioritising the timely application of security updates and ensuring that all assets are identified and protected. It also calls on technology vendors and developers to adopt secure-by-design principles to minimise product vulnerabilities from the outset.
T-Mobile's network was among those breached in a prolonged cyber-espionage campaign attributed to Chinese intelligence-linked hackers, according to a Wall Street Journal report. The attackers allegedly targeted multiple US and international telecom companies to monitor cellphone communications of high-value intelligence targets. T-Mobile confirmed it was aware of the industry-wide attack but stated there was no significant impact on its systems or evidence of customer data being compromised.
The Federal Bureau of Investigation (FBI) and the US Cybersecurity and Infrastructure Security Agency (CISA) recently disclosed that China-linked hackers intercepted surveillance data intended for American law enforcement by infiltrating telecom networks. Earlier reports revealed breaches into US broadband providers, including Verizon, AT&T, and Lumen Technologies, where hackers accessed systems used for court-authorised wiretapping.
China has consistently denied allegations of engaging in cyber espionage, rejecting claims by the US and its allies that it orchestrates such operations. The latest revelations highlight persistent vulnerabilities in critical communication networks targeted by state-backed hackers.
South Africa is considering reducing taxes on smartphones to make them more affordable as the country prepares to phase out 2G and 3G networks. Communications Minister Solly Malatsi revealed he has had initial discussions with the Treasury about cutting the ad valorem tax, which currently increases smartphone prices. The goal is to support accessibility to newer, faster networks like 4G and 5G.
The government’s policy, outlined in the Next Generation Radio Frequency Spectrum Policy paper, aims to fully shut down older networks by 31 December 2027. The phasing out of these networks is intended to free up valuable radio waves for advanced technologies. However, critics argue that the move could worsen the digital divide, particularly impacting low-income and rural populations who may struggle to afford smartphones compatible with faster networks.
Malatsi emphasised that making smart devices more affordable is crucial, noting that eliminating the luxury excise tax could significantly reduce costs. The country’s largest telecom operators, MTN and Vodacom, have called for collaboration between industry stakeholders and the government to manage the transition. The Association of Comms and Technology has also urged the government to ease the transition by lowering taxes and reconsidering a strict shutdown deadline.
The London Internet Exchange (LINX) will expand its presence in Africa, announcing plans to open new internet exchange points (IXPs) in Ghana and Kenya by early 2025. This move aims to strengthen connectivity in both West and East Africa, where demand for internet services continues to grow rapidly.
In Ghana, LINX Accra will launch in phases with data centres from Onix and PAIX, enabling a robust and interconnected system. This setup will allow networks to connect at LINX Accra through a single cross-connect, enhancing redundancy and interconnectivity. The phased rollout is expected to significantly support Ghana’s local internet service providers and infrastructure.
In Kenya, LINX Mombasa will be the first IXP at the iColo MBA2 facility in partnership with local data centre provider iColo, a subsidiary of Digital Realty. Built to mirror LINX’s existing IXP in Nairobi, the Mombasa site will provide high-speed services through 100G ports and strengthen interconnection across the East African region.
Both Ghana and Kenya, strategically positioned on Africa’s coastlines, benefit from numerous submarine cable landing points. LINX believes these new IXPs will establish Ghana and Kenya as key internet traffic hubs in Africa, boosting local ISP growth and supporting international connectivity.
The incoming European Commissioner for Tech Sovereignty, Security, and Democracy, Henna Virkkunen, expressed dissatisfaction with the limited action taken by EU member states to exclude high-risk telecom suppliers, such as China’s Huawei and ZTE, from critical infrastructure. During her confirmation hearing in the European Parliament, Virkkunen noted that although the European Commission adopted 5G security measures in 2020, fewer than half of the EU member states have implemented restrictions on these suppliers. She indicated that this issue will be addressed in the planned revision of the Cyber Security Act next year and stressed the need for more serious action from national governments.
Virkkunen also pointed out that while the EU had adopted the 5G Cybersecurity Toolbox to protect telecom networks, only 11 of the 27 member states have fully implemented measures, including bans and restrictions on high-risk vendors. In addition to her efforts to strengthen cybersecurity, Virkkunen plans to propose a Digital Networks Act in 2025 to overhaul telecom regulations and boost investment and connectivity. On the topic of US Big Tech compliance with EU rules, she reaffirmed the importance of cooperation but emphasised that all companies must adhere to EU regulations, including those set out in the Digital Services Act.
Germany is strengthening its cyber defences as elections approach, with Interior Minister Nancy Faeser highlighting the need for robust protections against cyber-attacks and disinformation. Faeser warned of potential threats from Russia and other foreign actors, stressing that democracy must also be safeguarded in the digital realm.
The annual report from the Federal Office for Information Security pointed to Germany’s vulnerability to hybrid threats, which include hacking, manipulation, and disinformation. Faeser confirmed plans to bolster cybersecurity, aiming to counteract any attempts at digital interference that could destabilise the election process.
Germany’s snap elections are set for early next year, following the collapse of Chancellor Olaf Scholz’s coalition government amid economic concerns and rising populism. While recent elections saw no major cybersecurity incidents, authorities continue to monitor for risks.
With the political landscape in flux, security agencies remain vigilant. Enhanced measures are in place to detect and address cyber threats as the nation prepares for a potentially turbulent electoral period.
The US Transportation Security Administration (TSA) has proposed a new cybersecurity rule designed to strengthen the resilience of surface transportation infrastructure. Specifically, the rule requires high-risk operators, including those in the pipeline, railroad, and bus sectors, to implement comprehensive Cyber Risk Management (CRM) programs to manage and mitigate cybersecurity risks.
In addition to this, operators will be required to report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA) and physical security concerns to TSA. Furthermore, the rule stipulates that operators must develop and maintain detailed cybersecurity plans, including a Cybersecurity Assessment Plan (CAP) for annual evaluations and a Cybersecurity Operational Implementation Plan (COIP) to guide improvements.
These plans must incorporate governance structures, designate cybersecurity coordinators, and undergo regular audits to assess their effectiveness. Moreover, the rule promotes a defence-in-depth approach to cybersecurity by including system monitoring, patch management, and incident response planning, all of which aim to reduce the impact of cyberattacks.
Additionally, TSA seeks public feedback on the rule’s potential compliance burdens, economic impacts, and ways to streamline the process, particularly for smaller entities. TSA’s initiative reflects a broader commitment to enhancing the cybersecurity posture of surface transportation systems while ensuring regulatory consistency across federal, state, and local levels.
Why does it matter?
The agency is seeking input on reducing redundancies and improving alignment with existing regulations, particularly in cybersecurity training and personnel vetting for high-risk industries. By gathering feedback, TSA aims to refine the rule and ensure it effectively addresses the evolving cyber threats facing the nation’s critical transportation infrastructure.
The UK government has ordered China-registered Future Technology Devices International Holding Ltd to sell its majority stake of 80.2% in Scottish chipmaker FTDI, citing national security concerns. The government voiced concerns that UK-developed semiconductor technology and intellectual property could be misused if controlled by foreign interests considered potentially harmful.
This directive requires FTDI’s Chinese parent company to follow a set procedure and timeline to complete the sale. The move highlights the UK’s efforts to protect sensitive technology sectors and its vigilance over foreign investments that may impact national security.
Increasingly, governments worldwide are scrutinising tech-related investments, especially in semiconductor industries, due to the strategic importance of chip technologies in national defence, infrastructure, and critical sectors.
A Chinese state-sponsored hacking group, Volt Typhoon, reportedly breached Singapore Telecommunications (SingTel) in June as part of a broader cyber campaign targeting telecom companies and critical infrastructure globally.
SingTel confirmed that malware was detected during the breach but said that no data was exfiltrated and no services were disrupted. The company took immediate action, reporting the incident to authorities, though it could not confirm if the breach was the same event mentioned in media reports.
Chinese officials have denied involvement in the attack, with a spokesperson asserting that China opposes all forms of cyberattacks. Volt Typhoon, previously linked to cyberattacks on critical US infrastructure, is believed to have used this incident as a test for potential future attacks on US telecom firms. The breach highlights the growing concerns over Chinese cyber activities targeting global critical infrastructure.
The head of US cybersecurity, Jen Easterly, announced Monday that, despite an increase in disinformation targeting the 2024 presidential election, there has been no evidence of interference capable of affecting the election outcome. Easterly noted the unprecedented levels of false information spreading across online platforms, much of which has been attributed to foreign actors aiming to sow division among voters.
US authorities have pointed to Russia as one of the primary sources of election-related disinformation, including a widely circulated fake video in Georgia showing an immigrant falsely claiming to have voted multiple times. Officials say that similar tactics are expected to continue beyond Election Day, targeting trust in the electoral process through to January.
Easterly assured voters that election security is stronger than ever, thanks to enhanced protective measures and improved preparedness across voting jurisdictions. Her message emphasised the government’s ongoing commitment to maintaining safe, secure, and reliable elections for all Americans.