Executive dilemma: U.S. government pressures organizations to mitigate Log4j but finding Log4j is a challenge for corporate IT.
Feb. 8 - Tysons Corner, Va. - Celerium today announced its Log4j Global Coverage, which provides resources related to combatting Log4j vulnerabilities. The site is part of Celerium’s Global Ransomware Readiness Network.
Since mid-December 2021, the ongoing criticality of the Log4j security exposure has been punctuated by statements and warnings from the U.S. government, including the White House, DHS/CISA, and the FTC. The newly established Cyber Safety Review Board (CSRB), requested by President Biden in his May 2021 Executive Order on Improving the Nation’s Cybersecurity, will focus first on Log4j.
As organizations work to mitigate the Log4j vulnerability, many IT employees struggle to find all the instances of Log4j in their environment. Early testers of Celerium’s Log4j Global Coverage site rated "finding Log4j" as extremely difficult, given that the vulnerability can be embedded so deeply within systems – an issue related to the software supply chain and open-source software.
Celerium's Ransomware Readiness Network (RRN) has an initial and free focus on Log4j. The RRN Global Log4j Coverage site provides information to help companies discover Log4j in their networks as well as increase situational awareness of cybersecurity and ransomware events related to the vulnerability.
Log4j Discovery Features
- Discover Log4j Vulnerabilities in a Company: Understand more than a dozen Log4j scanning tools from various vendors. Given the complexity of Log4j, companies may need to use multiple scanning tools. Beta testers of Celerium’s site indicated that determining which tool to use can be "Very” or “Extremely Difficult.”
- Discover Log4j Exploitations in a Company: View IOCs (indicators of compromise) to discover if threat actors are exploiting Log4j in company systems.
Log4j Situational Awareness
- Event Management: View pending and active ransomware and cybersecurity events related to Log4j. The IOCs in the discovery section can be used to determine if these attacks impact a company’s internal systems.
- View Global Coverage of Log4j: This section showcases how governmental cyber organizations worldwide are addressing Log4j. Organizations listed include:
- Australian Cyber Security Centre (ACSC)
- Austria: Computer Emergency Response Team of Austria (CERT.at)
- Belgium: CERT.be, the operational service of the Centre for Cyber Security Belgium (CCB)
- Denmark Center for Cybersecurity
- Canada Centre for Cyber Security
- Czech Republic Czech National CSIRT (CSIRT.CZ)
- Finland National Cyber Security Centre (part of the Finnish Transport and Communications Agency)
- France: CERT-FR (part of the Government Center for Monitoring, Alerting, and Responding to Computer Attacks)
- Germany CERT-Bund (part of the Federal Office of Information Security)
- Greece: Hellenic Computer Security Incident Response Team
- Israel National Cyber Directorate
- Italy: CSIRT Italia (part of the National Cybersecurity Agency)
- Japan CERT/CC (Coordination Center)
- Luxembourg: Computer Incident Response Center Luxembourg (CIRCL)
- Netherlands National Cyber Security Centre (part of the Ministry of Justice and Security)
- Norwegian National Cyber Security Centre and NorCERT
- Poland: CSIRT GOV (The Governmental Computer Security Incident Response Team)
- Republic of Korea: KrCERT/CC (Korea CERT/Coordinating Center, part of KISA – Korea Internet & Security Agency)
- Slovenia National Cybersecurity Response Center - SI-CERT
- Spain: CSIRT.es Forum
- Sweden: CERT-SE (Sweden’s National Computer Security Incident Response Team)
- Switzerland: GovCERT.ch, the Swiss Government Computer Emergency Response Team, part of the National Cyber Security Centre
- Turkey: TR-CERT (Computer Emergency Response Team of the Republic of Turkey)
- UK National Cyber Security Centre
- United States Department of Homeland Security / Cybersecurity & Infrastructure Security Agency (CISA)
- Receive industry updates and news regarding Log4j.
The site also provides a way for people to submit questions and help research scanning tools and other related items.
“The Log4j issue is widespread and can have deep impacts. Companies need to mitigate the vulnerability to protect themselves and their customers and to avoid government fines or actions,” said Tommy McDowell, General Manager of Celerium. “As cyber defenders and business executives struggle to address this issue, Celerium is proud to offer our Log4j Global Coverage site and the resources to help companies navigate this concerning issue.”
The Log4j Global Coverage site is available for free at https://rrn.global/log4j.
Celerium® provides solutions to help companies fortify their cyber defense. Celerium provides cyber threat sharing solutions and cybersecurity compliance (CMMC) solutions for organizations of all sizes to defend and protect against cyber threats via information sharing and cyber threat intelligence tools.