by Sara Nguyen
Article filed in

Log4j continues to cause havoc one month after discovery

by Sara Nguyen

Log4j continues to cause havoc one month after discovery - Paubox

The cybersecurity world was shaken when it was revealed that a popular logging library used by millions of people, Apache’s Log4j, contained a zero-day vulnerability that made it easy for hackers to install malicious software.

Read more: HIPAA compliant email

This isn’t the first time that open-source software contained a huge vulnerability. The 2017 Equifax data breach compromised nearly 150 million Americans’ personal information, and it stemmed from using open source software that didn’t patch a vulnerability flaw.

Read more: How to prevent security vulnerabilities before hackers exploit them

While the Apache Software Foundation quickly released a patch for the vulnerability, it was up to software developers and IT professionals to update their systems.

Unfortunately, over 40% of downloads still contain the Log4j vulnerability. This put millions of devices at-risk for hacking attempts. 

Cybersecurity and Infrastructure Agency (CISA) Directory Jen Easterly called the Log4j vulnerability the worst she has seen in her career and expects “intrusions well into the future” due to its widespread use.

How has the Log4j vulnerability been exploited by hackers so far?

Cybercriminals wasted no time in launching attacks using the Log4j vulnerability. According to Check Point Research, there were millions of cyberattacks per hour that attempted to exploit the software flaw.

Log4j had a hand in making 2021 a record-breaking year for hacking attempts. Organizations saw an all-time high of cyberattacks during Q4, and it peaked at over 900 attacks per week.

CISA hasn’t reported any major U.S. cyberattacks related to the Log4j vulnerability. But hackers are still managing to gain unauthorized access to servers. The Belgium Defense Ministry was forced to shut down part of its computer network after a breach triggered by the Log4j vulnerability.

Since the Log4j vulnerability is found in millions of downloads, businesses need to be aware of what their software contains. Microsoft warns, “Due to the many software and services that are impacted and given the pace of updates, this is expected to have a long tail for remediation, requiring ongoing, sustainable vigilance.”

How can organizations protect themselves?

CISA has previously released guidelines on the best way to protect your organization from a Log4j-related cyberattack. CISA has more recently collaborated with the FBI, NSA, and cybersecurity agencies from Australia, Canada, New Zealand, and the United Kingdom to release an additional advisory which recommends organizations take the following steps:

  • Identify assets affected by Log4Shell and other Log4j-related vulnerabilities.
  • Upgrade Log4j assets and affected products to the latest version as soon as patches are available and remain alert for vendor software updates.
  • Initiate hunt and incident response procedures to detect possible Log4Shell exploitation. 

The advisory also breaks down these steps in a more detailed manner which should be carefully read by vendors using Log4j assets. 

How can Paubox help?

Healthcare continues to see a rise in cyberattacks; it saw a 71% increase in attacks in 2021. Covered entities should remain vigilant in ensuring their software doesn’t contain the Log4j vulnerability while also maintaining HIPAA compliance standards.

Your inbox may be the most vulnerable place for a cyberattack to occur since phishing emails are a common threat vector. Paubox Email Suite Plus is a HIPAA compliant solution that is equipped with robust inbound security tools to block spam, ransomware, viruses, and phishing emails from even entering an inbox.

Our HITRUST CSF certified software also includes several other tools to protect yourself from malicious emails. Paubox Email Suite Plus uses the patented ExecProtect to prevent display name spoofing attacks. It also has Zero Trust Email, which requires servers to provide an additional layer of authentication before an email is allowed in your inbox.

Recent events have shown there is always a risk for a cyberattack, and it’s worth the investment to protect your healthcare organization’s data.

Try Paubox Email Suite Plus for FREE today.