Across the industry, IT departments have been in overdrive, with initial mitigations focused on patching systems as updates become available. The phases ahead are where the true impact of this event will emerge. A history of recent attacks against critical industries and an escalating cybercrime environment mean that the vulnerability arrives with a heavy future cost and the potential for breach, data leakage, DDoS attacks, ransomware, botnets, and a spectrum of threats that cannot be estimated.
Ntirety has been actively responding to the Log4Shell vulnerability as outlined by our response plans for Managed Security Services Stack customers and our general ecosystem. After thorough scanning and review of internal and vendor applications, we have mitigated every instance of Log4j through continuing updates and enforced controls on access levels.
Affected versions: Apache Log4j 2.x <= 2.15.0-rc1
A significant number of Java-based applications use Log4j as their logging utility and are vulnerable to this CVE. To the best of our knowledge, at least the following software may be impacted:
- Apache Struts
- Apache Druid
- Apache Flink
- Apache Dubbo
Additionally, as part of our holistic security approach, our advanced intelligence and monitoring systems are on the lookout for intrusions, analogous behaviors, account privilege tracking, and any lateral behaviors that may indicate a novel attack is occurring. Across our datacenters, Ntirety has also performed discovery and advisory for potentially vulnerable customers.
Our response planning is continually updated, and what comes next is as important as the initial response, as this vulnerability is destined to haunt the internet for years to come. Our 24/7 Security Operations Center is up to speed on tracking new potential threats and trained on how to recognize and respond appropriately. Exploits are just getting started and we are on high alert.
We highly recommend that organizations upgrade all systems to the latest version (2.17.0) or higher of Apache Log4j 2, along with the addition of a managed security service to proactively protect your systems.
Schedule a consultation with Ntirety to learn about how we can help protect you from vulnerabilities through our Comprehensive Security approach.