https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • Complete 2023 MSP 501 Rankings
    • 2023 MSP 501 50-1
    • 2023 MSP 501 100-51
    • 2023 MSP 501 150-101
    • 2023 MSP 501 200-151
    • 2023 MSP 501 250-201
    • 2023 MSP 501 300-251
    • 2023 MSP 501 350-301
    • 2023 MSP 501 400-351
    • 2023 MSP 501 450-401
    • 2023 MSP 501 501-451
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2023 MSP 501
    • 2023 NextGen 101
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2024 CP Expo Call for Speakers
    • Channel Futures Leadership Summit
    • MSP Summit
    • CP Conference & Expo
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • Complete 2023 MSP 501 Rankings
    • 2023 MSP 501 50-1
    • 2023 MSP 501 100-51
    • 2023 MSP 501 150-101
    • 2023 MSP 501 200-151
    • 2023 MSP 501 250-201
    • 2023 MSP 501 300-251
    • 2023 MSP 501 350-301
    • 2023 MSP 501 400-351
    • 2023 MSP 501 450-401
    • 2023 MSP 501 501-451
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2023 MSP 501
    • 2023 NextGen 101
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2024 CP Expo Call for Speakers
    • Channel Futures Leadership Summit
    • MSP Summit
    • CP Conference & Expo
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

MSSP Insider


Shutterstock

Vulnerability

Nation-States Pounce on Easy-to-Exploit Log4Shell Software Vulnerability

  • Written by Edward Gately
  • December 16, 2021
The discovery of the Log4Shell software vulnerability could not have come at a worse time.

Nation-states such as Iran, China and North Korea are actively looking for ways to exploit the Log4Shell software vulnerability.

NCA's Lisa Plaggemier

NCA’s Lisa Plaggemier

That’s according to Lisa Plaggemier, interim executive director of the National Cybersecurity Alliance (NCA). Last week, researchers discovered a zero-day exploit in the popular Java logging library log4j. It results in remote code execution (RCE) by logging a certain string.

UKG, the parent company of human resources management company Kronos, has been hit with ransomware. Although the company isn’t confirming it, reports suggest the ransomware attack exploited the Log4Shell software vulnerability.

Thousands of applications, libraries and frameworks use log4j.

CloudFlare, Minecraft, SMBs Impacted

“Unfortunately, the ramifications of this vulnerability have proven to be just as far-reaching as many had anticipated,” Plaggemier said. “Businesses ranging from Apple’s CloudFlare and Minecraft to SMBs have all been impacted by this vulnerability, and are working incredibly rapidly to patch it. The good news is that Apache has made a patch readily available. And many companies including IBM, AWS and many others, have been keeping their customers apprised of progress around the situation. However, this has certainly been incredibly concerning for those impacted and is definitely a black eye for such a widely used and trusted tool.”

On its website, CloudFlare urges any customers using log4j to update to version 2.16.0 as soon as possible.

“To make matters worse for those affected, it has been uncovered that nation-states such as Iran, China and North Korea, have all begun looking into ways to exploit this vulnerability – if they haven’t already,” Plaggemier said. “And regrettably it seems that this could only be the tip of the iceberg as cybercriminals look for similar vulnerabilities in related tools.”

From a timing perspective, the discovery of the Log4Shell software vulnerability could not have come at a worse time, she said.

“With the typical surge of online shopping around the holidays, paired with the ongoing fallout of the COVID-19 pandemic and the supply chain gridlock, another disruption is the last thing businesses need right now,” Plaggemier said. “Therefore, it is really important that Apache continues to do everything it possibly can to get patches installed as quickly as possible.”

Long-Play Vulnerability

Sophos' Sean Gallagher

Sophos’ Sean Gallagher

Sean Gallagher is senior threat researcher at Sophos.

“We are tracking attempts, but we have no specific information on victims of the exploit working at this time,” he said. “This is a long play vulnerability, and we may not know who was affected for weeks or months.”

There are indications from other sources that some advanced persistent threats (APTs) have been trying to use the exploit, Gallagher said.

This is a vulnerability that would lend itself to espionage or state-sponsored attacks, he said.

Sophos sees the number of overall probes going down, Gallagher said. But that’s likely the result of reduced mass-scanning and more targeted attempts.

“The danger remains the same,” he said. “If you’ve checked and found your Java-based server applications are currently not vulnerable, but you’re running the previous version of log4j 2.x, you need to determine if you patched it or if an external actor did after exploiting it.”

There’s already been previous patterns of ransomware during the holidays, Gallagher said.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.
Tags: MSPs MSSP Insider Best Practices Channel Research Cloud Security

Most Recent


  • Cisco acquisition of Splunk gets partner reaction
    Partners Hope Splunk Keeps 'Pace of Innovation' in Cisco Acquisition
    All will be well if Cisco integrates Splunk the way it integrated Meraki, a partner told Channel Futures.
  • Broadcom-VMware and China
    Broadcom-VMware Hits Snag in China as IT Incurs Too-High Cloud Costs
    Our latest cloud news roundup features an acquisition update, looks at research you need to know, and more.
  • cloud marketplaces
    Haven’t Drunk the Cloud Marketplaces Kool-Aid? It’s About Time You Did
    The Ultimate Partner's Vince Menzione explains why channel partners (small ones, too) need to get on board.
  • Red Hat partner program getting a revamp
    Red Hat Partner Program Set for Revamp
    Red Hat is overhauling its partner program to better reflect its ecosystem of partners, says a channel exec.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • no passwords
    Beyond Identity Urges Channel to Capitalize on Demand for Passwordless
  • Skull with code background
    Alternative Attack Vector Discovered for Log4J Vulnerability
  • Security Vulnerability
    Log4Shell Vulnerability To Have Massive Impact Into 2022 And Beyond
  • Pile of Cash
    Cequence Security Lands $60 Million to Protect APIs, ‘A New Attack Vector’

Upcoming Events

View all

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Channel Partners Conference & Expo

March 11, 2024 - March 14, 2024

Channel Futures Leadership Summit 2024

September 17, 2024 - September 19, 2024

Galleries

View all

Broadcom-VMware Hits Snag in China as IT Incurs Too-High Cloud Costs

September 22, 2023

Cisco’s Splunk Acquisition ‘True Bombshell Move,’ Will Have Massive Impact on Cybersecurity

September 21, 2023

Cisco SMB Business Gets Updated Sales Coverage Model, New Investments

September 21, 2023

Industry Perspectives

View all

Why Conversational AI Matters for Your Customers and How It Can Boost Your Revenue

September 15, 2023

The 5 Ds that Lead to Unplanned Business Sales

September 13, 2023

Hot Generative AI Market Must ‘Cool Down’

August 28, 2023

Webinars

View all

MSP 501: Leadership in Cybersecurity

October 19, 2023

DE&I: Find the Balance that Works for You

September 7, 2023

Above and Beyond with the NextGen 101ers

August 30, 2023

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode 129: ZLH Enterprises

Coffee with Craig and James Episode 128: Channel Partner Strategies Intelligence Service

August 25, 2023

Coffee with Craig and James Episode 127: Expereo, Movie Night Returns

August 18, 2023

Coffee with Craig and James Episode 126: ARG

July 28, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X