While many in the security community are working hard to contain Log4Shell, a critical remote code execution vulnerability (CVE-2021-44228) in the Apache Log4j logging library, there is concern that not everyone is taking it seriously. Broad exploitation has already begun, and Tenable's CEO and Chairman, Amit Yoran, expects that within a month attackers will have iterated on the exploit several times, causing more aggressive damage that may be impossible to stop by then.
According to Tenable's telemetry data, as of December 21, 2021, only 70% of organisations had even scanned for the vulnerability. Of the assets that had been assessed, Log4Shell was found in approximately 10%, spanning servers, web applications, containers and IoT devices. Log4Shell is pervasive across all industries and geographies.
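The scanning the telemetry refers to is, at its simplest, an inventory of every log4j-core archive on a host and the version it carries. The script below is an added example written for this page, not Tenable's scanner or any Apache tooling: it walks a directory for JARs, WARs, EARs and ZIPs, reads the version from the Maven `pom.properties` that log4j-core ships, checks whether `JndiLookup.class` is present (the class whose removal was the widely used interim mitigation), and recurses into nested archives so fat JARs and `WEB-INF/lib` are not missed. It treats 2.17.0 as the first fully fixed 2.x release (covering CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105); it does not model the Java 6/7 backport branches (2.3.x and 2.12.2 onwards) or Log4j 1.x, so treat its verdict as a triage signal, not a final assessment. The sample archives it scans are constructed in memory for the demo and are not real Log4j artifacts.

```python
import io
import os
import re
import zipfile
from dataclasses import dataclass
from typing import Iterator, List, Optional, Tuple

# Class that implements the JNDI lookup abused by CVE-2021-44228. Note that
# fixed releases still ship it (with JNDI disabled by default), so its presence
# alone proves nothing; its absence from an old build indicates manual mitigation.
JNDI_LOOKUP_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
# Maven metadata bundled in log4j-core jars; carries the exact artifact version.
POM_PROPERTIES = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
# First 2.x main-line release with CVE-2021-44228/-45046/-45105 all fixed.
# Assumption of this example: the Java 6/7 backport branches are not modelled.
FIXED_VERSION = (2, 17, 0)
ARCHIVE_SUFFIXES = (".jar", ".war", ".ear", ".zip")


@dataclass
class Finding:
    location: str            # file path; "!" separates nested archive entries
    version: Optional[str]   # version string from pom.properties, or None
    has_jndi_lookup: bool
    status: str              # "vulnerable", "mitigated", "patched" or "unknown"


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Turn '2.14.1' or '2.0-beta9' into a comparable tuple; None if unparseable."""
    m = re.match(r"^(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def classify(version: Optional[str], has_jndi_lookup: bool) -> str:
    """Triage verdict for one log4j-core archive."""
    parsed = parse_version(version) if version else None
    if parsed is None:
        return "unknown"            # no version metadata: inspect by hand
    if parsed >= FIXED_VERSION:
        return "patched"
    # Old build: a removed JndiLookup.class blocks the JNDI path used by
    # CVE-2021-44228, but the upgrade is still required for the later CVEs.
    return "mitigated" if not has_jndi_lookup else "vulnerable"


def _scan_archive(blob: bytes, location: str) -> Iterator[Finding]:
    try:
        zf = zipfile.ZipFile(io.BytesIO(blob))
    except zipfile.BadZipFile:
        return
    with zf:
        names = set(zf.namelist())
        version = None
        if POM_PROPERTIES in names:
            props = zf.read(POM_PROPERTIES).decode("utf-8", "replace")
            for line in props.splitlines():
                if line.startswith("version="):
                    version = line.split("=", 1)[1].strip()
        has_jndi = JNDI_LOOKUP_CLASS in names
        if version is not None or has_jndi:
            yield Finding(location, version, has_jndi, classify(version, has_jndi))
        # Recurse into nested archives: shaded/fat jars, WAR WEB-INF/lib, EARs.
        for name in sorted(names):
            if name.lower().endswith(ARCHIVE_SUFFIXES):
                yield from _scan_archive(zf.read(name), f"{location}!{name}")


def scan_bytes(blob: bytes, location: str = "<memory>") -> List[Finding]:
    return list(_scan_archive(blob, location))


def scan_directory(root: str) -> List[Finding]:
    """Inventory every archive under root; run this against a real host."""
    findings: List[Finding] = []
    for dirpath, _, filenames in os.walk(root):
        for fn in filenames:
            if fn.lower().endswith(ARCHIVE_SUFFIXES):
                path = os.path.join(dirpath, fn)
                with open(path, "rb") as fh:
                    findings.extend(_scan_archive(fh.read(), path))
    return findings


def build_sample_jar(version: Optional[str], include_jndi: bool,
                     nested: Optional[bytes] = None) -> bytes:
    """Constructed stand-in for a log4j-core jar (demo data, not a real artifact)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        if version is not None:
            zf.writestr(POM_PROPERTIES,
                        f"version={version}\ngroupId=org.apache.logging.log4j\n"
                        f"artifactId=log4j-core\n")
        if include_jndi:
            zf.writestr(JNDI_LOOKUP_CLASS, b"\xca\xfe\xba\xbe")  # class magic only
        zf.writestr("org/apache/logging/log4j/core/Logger.class", b"\xca\xfe\xba\xbe")
        if nested is not None:
            zf.writestr("WEB-INF/lib/log4j-core.jar", nested)
    return buf.getvalue()


def demo() -> dict:
    """Scan four constructed archives and return {location: status}."""
    samples = {
        "log4j-core-2.14.1.jar": build_sample_jar("2.14.1", True),
        "log4j-core-2.14.1-stripped.jar": build_sample_jar("2.14.1", False),
        "log4j-core-2.17.0.jar": build_sample_jar("2.17.0", True),
        "app.war": build_sample_jar(None, False,
                                    nested=build_sample_jar("2.15.0", True)),
    }
    return {f.location: f.status
            for name, blob in samples.items()
            for f in scan_bytes(blob, name)}


if __name__ == "__main__":
    for location, status in demo().items():
        print(f"{status:<11} {location}")
```

On a real host, call `scan_directory("/")` (or the application root) and treat every "vulnerable" and "unknown" line as work to do; "mitigated" still needs the upgrade, since stripping `JndiLookup.class` does not address the denial-of-service issue fixed in 2.17.0. The recursion matters in practice: most of the log4j-core copies an organisation actually runs are embedded inside application WARs and shaded JARs rather than sitting as a bare `log4j-core-*.jar` on disk.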
Yoran is concerned that history is repeating itself, but that this time the damage could be uncontainable. Speaking about the dangers posed, he warns:
“While EternalBlue wrought significant attacks, such as WannaCry, the potential here is much greater because of the pervasiveness of Log4j across both infrastructure and applications. No single vulnerability in history has so blatantly called out for remediation.
“Log4Shell has been identified as one of the biggest cybersecurity risks we’ve ever encountered, yet many organizations still aren’t taking action. According to our data, 30% of organizations haven’t begun assessing their environments for Log4Shell, let alone started patching.
“Log4Shell will define computing as we know it, separating those that put in the effort to protect themselves and those comfortable being negligent.”
Yoran expands on these points in an accompanying blog post.