A study examining the scope and impact of the recent Log4j vulnerability has been conducted by Tenable and the results are extremely interesting.
According to the data collected from over 500 million tests, 72% of organizations remain vulnerable to the Log4Shell vulnerability as of October 1, 2022. The data highlights legacy vulnerability remediation challenges, which are the root cause of the majority of data breaches.
Tenable telemetry found that one in 10 assets was vulnerable to Log4Shell as of December 2021, including a wide range of servers, web applications, containers, and IoT devices. October 2022 data showed improvements, with 2.5% of assets vulnerable. Yet nearly one-third (29%) of these assets had recurrences of Log4Shell after full remediation was achieved.
More than half of organizations vulnerable to Log4j
53% of organizations were vulnerable to Log4j during the time period of the study, which underscores the pervasive nature of Log4j and the necessary ongoing efforts to remediate it even if full remediation was previously achieved.
Vulnerability remediation is not a "one and done" process
“Full remediation is very difficult to achieve for a vulnerability that is so pervasive and it’s important to keep in mind that vulnerability remediation is not a ‘one and done’ process,” said Bob Huber, chief security officer, Tenable.
“While an organization may have been fully remediated at some point, as they’ve added new assets to their environments, they are likely to encounter Log4Shell again and again. Eradicating Log4Shell is an ongoing battle that calls for organizations to continually assess their environments for the flaw, as well as other known vulnerabilities.”
Log4j remediation across continents
Nearly one-third of North American organizations have fully remediated Log4j (28%), followed by Europe, Middle East and Africa (27%), Asia-Pacific (25%), and Latin America (21%).
Similarly, North America is the top region by percentage of organizations that have partially remediated (90%), followed by Europe, Middle East, and Africa (85%), Asia-Pacific (85%), and Latin America (81%).
Log4j remediation across industries
Some industries are in better shape than others, with engineering (45%), legal services (38%), financial services (35%), non-profit (33%) and government (30%) leading the pack with the most organizations fully remediated.
Approximately 28% of CISA-defined critical infrastructure organizations have fully remediated.
How to detect the Log4j vulnerability in your environment
Read more in this article on how to detect the Log4j vulnerability in your environment.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he holds the CISSP, CISA, CISM, ITIL, COBIT and PRINCE2 certifications, but his wide set of knowledge and technical management capabilities goes beyond these certifications. He likes acquiring new skills in penetration testing, cloud technologies, virtualization, network security, IoT and many more.