The Health Sector Cybersecurity Coordination Center (HC3) recently issued a brief regarding the history of Log4j and what steps organizations can take to protect themselves from cybercriminals.
Read more: HIPAA compliant email: the definitive guide
Foreign actors and cybercriminal groups have significantly leveraged the Log4j vulnerabilities to exploit networks. The most significant threat to healthcare may be the Conti group, which has established a reputation for targeting the health sector and has started taking advantage of the Log4j vulnerabilities.
What are the Log4j vulnerabilities?
The initial vulnerability, identified in December as CVE-2021-44228, was rated as critical since it could easily deploy zero-day attacks. It was necessary to fix the vulnerability, which occurred with version 2.15.0. Unfortunately, this version also contained a vulnerability identified as CVE-2021-45046, which made it possible for denial of service (DoS) attacks. This was fixed with version 2.16.0.
But this wasn’t the end of the vulnerabilities found in Log4j. 4 other vulnerabilities were discovered in the weeks after December 15, 2021. The vulnerabilities were identified either as DoS, arbitrary code execution, or remote code execution. Most of these vulnerabilities were patched in updated versions of Log4j.
However, it’s not enough to simply update your systems to the latest version. As the HC3 brief emphasizes, “Do not assume upgrading is sufficient.” Healthcare providers should assume their system has been compromised and take proactive steps to confirm their network is secure.
What can be done about the vulnerabilities?
The HC3 brief recommends organizations continue to monitor the Apache site for additional vulnerabilities and patches/updates. It also provides resources to consult:
- CISA Log4j Affected Vendor and Software List
- VMWare vCenter Updates
- CISA Mitigation Guidance
- Additional CISA Guidance
- Log4j RCE Exploitation Detection Tool
The HC3 brief also recommends creating cybersecurity strategies for the future. Critical aspects to review include asset inventory, vulnerability management, defense in depth, acquisitions, and resilience.
How can Paubox help?
There is no doubt that a strong cybersecurity system is critical to ensuring the protection of patient data. The healthcare industry saw a 71% rise in cyber attacks in 2021. It’s worth the investment to ensure that your network is kept secure.
Due to human error, your employee’s inbox may be the most vulnerable aspect of your cybersecurity. Paubox Email Suite Plus is a HIPAA compliant solution that is equipped with robust inbound security tools to block spam, ransomware, viruses, and phishing emails from even entering an inbox.
Paubox is also unaffected by the Log4j vulnerability since our solutions don’t rely on any affected software. Mail delivery, encryption, and security are still functioning and keeping patient data safe.