The Health Sector Cybersecurity Coordination Center released a threat brief this past week about the vulnerabilities in Log4J, a Java-based logging tool known to have multiple potential security flaws.
After the discovery of the vulnerabilities in November 2021, Apache has released multiple Log4J updates. However, said HC3, the healthcare sector remains at high risk – and adversaries are “actively leveraging these vulnerabilities.”
Several state-sponsored actors are believed to be taking advantage of Log4J’s vulnerabilities, including those from China, Iran and Russia. Microsoft has also reported that Turkey and North Korea have been leveraging the exploit.
In terms of those other than state-sponsored actors, HC3 pointed to ransomware operators – specifically Conti, which it labeled as a “prolific threat” to the health sector – as posing potential dangers.
The agency outlined several short-term and long-term vulnerability mitigations, including downloading the latest version of Log4J and continuing to monitor the Apache site and vendors for more patches.
In terms of future strategies, the HC3 brief noted that any sophisticated cyber-defense program must include…
