• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Compliance, IT Infrastructure, Network Security, News

Expect ‘Headline-grabbing’ Log4j Attacks in 2023

Log4j bug will continue to be a critical issue for IT professionals in 2023, according to GreyNoise.

January 4, 2023 Zachary Comeau Leave a Comment

Log4j, Log4Shell, GreyNoise
stock.adobe.com/Andreas Prott

Organizations should expect to see continued cyberattacks leveraging the Log4Shell vulnerability in 2023, cybersecurity company GreyNoise Intelligence says in a new report.

The Washington, D.C.-based internet scanning traffic analysis firm’s recently released report, the 2022 Mass Exploitation Report, dives deep into the most significant threat detection events of the past year, including touching on CISA’s growing catalog of Know Exploited Vulnerabilities, and other high-profile vulnerabilities in Atlassian and Apache products.

However, the Log4j vulnerability garners significant attention in GreyNoise’s report, with the company saying the full scope of attacks involving the bug will never be known.

There were many high-profile attacks against government, financial institutions, and other organizations, and Log4Shell has found its way into toolkits by a variety of hacking groups. In fact, the company has published blogs about a few instances, such as when hackers began using the exploit to target the Belgian Defense Ministry in late 2021, ransomware actors leveraging the bug and a North Korean group using it to hack U.S. energy companies.

While the brunt of Log4Shell activity came in December 2021 and January 2022, GreyNoise warns that organizations should expect to see “persistent internet-facing exploit attempts” as Log4j attack payloads become part of the new background noise of the internet. The exploit code has been baked into numerous hacking kits of threat actors at every level.

“It’s very low risk for attackers to look for newly- or reexposed hosts, with the weakness unpatched or unmitigated,” GreyNoise says in the report. “This means organizations must continue to be deliberate and diligent when placing services on the internet.”

The firm also urges vigilance of most post-initial access internal attacks using the Log4j exploit. CISA’s database of software affected by the vulnerability has stopped receiving regular updates, and about 35% of about 1,550 products are listed as either “unknown” or “still affected.”

“Attackers know what existing products have embedded Log4j weaknesses, such as the popular VMWare Horizon, and have already used the exploit in ransomware campaigns,” the company says in the report. “If you have not yet dealt with your internal Log4j patching, now would be a good time to get that into Q4 2022 and H1 2023 plans.”

According to a July 2022 report from the U.S. Department of Homeland Security’s Cyber Safety Review Board on the Log4j vulnerability, the bug will remain an issue for a decade or more, and GreyNoise seem to concur. The company says to expect “at least a handful of headline-grabbing Log4j-centric attacks” this year.

“Organizations have to strive for perfection, while attackers need only persistence and luck to find that one device/service still exposing this weakness,” the company says. “We will see more organizations impacted by this, and it is vital you do what you can to ensure yours isn’t one of them.”

Tagged With: Cybersecurity, GreyNoise, Log4j, Log4Shell, Vulnerability Management

Related Content:

  • Malwarebytes Mobile Security for Business Malwarebytes Launches Mobile Device Security Solution
  • Microsoft Adaptive Protection Microsoft Launches New Machine-Learning-Enabled Adaptive Protection for Data…
  • OneNote Malware, Proofpoint Hackers Are Pivoting to OneNote Documents for Malware…
  • cybersecurity, vendor risk, third party vendor security risk Research: Vendors Are Introducing Security Risk Into Customer…

Free downloadable guide you may like:

  • Harnessing the Power of Digital SignageHarnessing the Power of Digital Signage

    Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Harnessing the Power of Digital Signage
Harnessing the Power of Digital Signage

Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Blueprint Series Cover: What works for hybrid work
Blueprint Series: What Works for Hybrid Work

Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

Guide to creating a ransomware response plan download
Blueprint Series: Creating a Ransomware Response Plan

Chances are ransomware hackers are researching your company right now. They’re investing time and money to choose the most profitable targets and a...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.