Log4j Breaches At Least 6 U.S. State Governments

By   ISBuzz Staff
Editorial Team , Information Security Buzz | Mar 09, 2022 04:07 am PST

Following the news that the China-backed APT41 hacking group has compromised at least six US state governments by exploiting the Log4j vulnerability, cyber security experts commented below.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Brian Fox
Brian Fox , CTO and co-founder
Industry Leader
March 9, 2022 12:07 pm

The news of China’s APT41 hacking group breaching U.S. state government networks tracks with the typical time lapse we see with zero-day vulnerabilities like Log4Shell. The Equifax breach, which was similar in nature, took around five months to clear the airwaves from the initial exploit. So, from a historical perspective this isn’t surprising: a high-spread, low-complex vulnerability equals a 100 percent chance of being used.

What is more surprising and even more concerning is our data shows that nearly 40% of Log4Shell downloads are still of vulnerable versions. Meaning there’s a high chance that other state and national governments — not just in the U.S. — will be breached in the coming months by bad actors. What I advise now is what I’ve advocated for a long time: urge your software vendors to create and continuously update a software bill of materials and invest in a tool that includes software composition analysis (SCA). SCA provides a look at all the components in a project and determines the potential risk. These tools should be automated to monitor components across the entire Software Development Lifecycle.

Last edited 10 months ago by Brian Fox

Recent Posts

Would love your thoughts, please comment.x