Cybersecurity in the manufacturing industry in 2022; Log4j vulnerability

assets/files/images/06_01_22/image-cybersecurity-warning-2nd-dangerous-apache-log4j-vulnerability-discovered-is-there-a-fix-164035866052208.jpg

With 2021 ending with Log4j shell, a cybersecurity threat which is expected to surpass SolarWinds, it is imperative that organisations rethink their digital safety strategy for the New Year.

The first evidence of critical infrastructure breach has already taken place, exposing cryptocurrency giants to fierce ransomware attacks, worth millions. 

Broad exploitation has already begun and in one month’s time, Tenable’s CEO and Chairman, Amit Yoran, expects to see several waves of iteration on this exploit, resulting in more aggressive damage that may be impossible to stop.

Yoran, who is also the former director of the National Cyber Security Division of the US Department of Homeland Security, is concerned that history is repeating itself, but this time the damage could be uncontainable. 

Yoran comments: “While EternalBlue wrought significant attacks, such as WannaCry, the potential here is much greater because of the pervasiveness of Log4j across both infrastructure and applications. No single vulnerability in history has so blatantly called out for remediation.

“Log4Shell has been identified as one of the biggest cybersecurity risks we’ve ever encountered, yet many organisations still aren’t taking action. According to our data, 30% of organizations haven’t begun assessing their environments for Log4Shell, let alone started patching.

“Log4Shell will define computing as we know it, separating those that put in the effort to protect themselves and those comfortable being negligent.”

Add a Comment

No messages on this article yet

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter