With hundreds of thousands of attack attempts detected and blocked by ESET systems alone, there is no time to lose. It is probably only a matter of time before attacks exploiting the Log4Shell vulnerability intensify.
Business leaders may be aware of the budget they have approved for their IT department, but they often do not know if their company's IT systems have been updated or if vulnerabilities have been fixed.
Of course, things change when urgent news breaks about another company being hacked or suffering a data breach due to a vulnerability in the software it used. Reading such news, business leaders should ask themselves: “Does my company also use this software? And, if so, have we taken the necessary steps to protect ourselves?”
One such case is the Log4Shell vulnerability that recently dominated the international media. To begin with, this vulnerability concerns a piece of code, the Apache Log4j 2 library, that is used globally and could easily exist in the software used by your company, even without the knowledge of IT staff.
In that sense, it's almost like any other vulnerability that information security teams typically deal with. In addition, exploiting the vulnerability in this code is rather simple for cybercriminals and therefore dangerous for your business.
Sitting behind their computer screen somewhere far away (or probably not so far away) and armed with a little knowledge of the Java programming language, cybercriminals can scan the internet and send malicious packets to compromise any of your systems that are exposed to the internet and running a vulnerable version of this code library.
If one of your systems is compromised by such a malicious packet, the game may be almost over, because the attacker has now instructed that system to contact a website and download malware that could take complete control of it.
In the same way, a cybercriminal already on your network could just as easily move to other systems, using the same tactics.
So far, ESET detection systems have seen attackers try to deliver malware such as coin miners, the Tsunami trojan and Mirai, as well as the Meterpreter penetration testing tool. It may be only a matter of time before attacks intensify and advanced threat actors target the vulnerability en masse.
The Log4Shell vulnerability has provoked an international reaction, with companies carrying out a full audit of all software they use and/or develop for the presence of vulnerable versions of the Log4j 2 library. With hundreds of thousands of attack attempts detected and blocked by ESET systems alone, there is no time to lose.
Business leaders need to talk to their company's IT staff to make sure that all software assets, from A to Z, are searched thoroughly, based on a list of priorities.
Many software developers have already tested their products and published advisories telling customers whether they are affected and, if so, what action customers should take. Your company's IT team should seek out these advisories immediately.
It is important that once vulnerable versions of the Log4j library are found, IT teams update to the latest version of the library, which is currently 2.16.0. IT managers can follow the tips provided here.
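One way an IT team could carry out the search described above is sketched below. This is an added example, not code from ESET or the Apache project. It looks inside Java archives, including archives nested in other archives, for the Maven metadata file that log4j-core JARs carry, and flags any copy older than the 2.16.0 named above. The function names and the `fixed` threshold parameter are assumptions made for the example.

```python
import io
import os
import re
import zipfile

# Maven metadata file that log4j-core JARs carry; it records the library version.
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVES = (".jar", ".war", ".ear")


def parse_version(text):
    """Return the version= value of pom.properties as a tuple of ints, or None."""
    m = re.search(r"^version=(\d+)\.(\d+)(?:\.(\d+))?", text, re.MULTILINE)
    return tuple(int(p or 0) for p in m.groups()) if m else None


def scan_archive(data, label, fixed=(2, 16, 0), depth=0):
    """Return [(location, version, needs_update)] for each log4j-core copy.

    Recurses into nested archives (fat JARs, WARs), at most 5 levels deep.
    """
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits  # not a readable archive, nothing to report
    with zf:
        for name in zf.namelist():
            if name == POM:
                ver = parse_version(zf.read(name).decode("utf-8", "replace"))
                if ver:
                    hits.append((label, ".".join(map(str, ver)), ver < fixed))
            elif name.lower().endswith(ARCHIVES) and depth < 5:
                hits += scan_archive(zf.read(name), f"{label}!{name}", fixed, depth + 1)
    return hits


def scan_tree(root, fixed=(2, 16, 0)):
    """Scan every Java archive found under the directory `root`."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        for fname in files:
            if fname.lower().endswith(ARCHIVES):
                path = os.path.join(folder, fname)
                with open(path, "rb") as fh:
                    hits += scan_archive(fh.read(), path, fixed)
    return hits


if __name__ == "__main__":
    for location, version, needs_update in scan_tree("."):
        print("UPDATE" if needs_update else "ok", version, location)
```

Copies of the library that were repackaged without their Maven metadata are not detected by this check, so it complements the vendor advisories rather than replacing them.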