A Case Study in Appropriately Responding to the Log4J Cybersecurity Vulnerability

Just in time for the holiday season, and at a time when cybercriminals are generally most active, industry experts discovered a critical vulnerability in a software commonly used by companies. The software, Apache Log4j, is a popular Java library for logging in applications. The vulnerability enables a remote attacker to take control of a device, potentially enabling cybercriminals the opportunity to steal sensitive data and deploy ransomware.

To combat this potentially devastating operational and legal outcome, IT security teams have been feverishly implementing patches to fix this vulnerability. Over the holidays, network scanners everywhere have been abuzz, searching for unpatched vulnerable systems. However, many organizations have found that they lack full inventories of all the software they use, making patching difficult and a never-ending game of whack-a-mole. Further, vendors and cloud-service providers are still struggling to issue fixes to all of their software products.

To add to the feeling of exhaustion and discontent, researchers say this flaw has been around for years, some estimate back as far as 2015. According to the US Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly, the vulnerability is already being used by a “growing set of threat actors.” As such, industry experts expect that this incident will follow a pattern like the recent Hafnium attacks, where the whack-a-mole approach proved far from sufficient.

Read Full Article..