"With one line of code, this vulnerability can allow someone to remotely introduce malware into your network environment."SCOTT CHRISTENSEN
Many vulnerabilities go unnoticed by the general public, but this one is making headlines on CNN, so it’s something that company executives and directors will be asking about.
Industrial organizations should address this new threat now to protect their plant-floor assets from malware that could expose sensitive data, interrupt operations and sap system resources.
Early reports indicate that malicious actors are using the vulnerability, in some cases, to force targeted systems to serve as cryptocurrency mining machines.
Log4j is a simple, open-source Java library tool maintained by The Apache Software Foundation. It’s designed to log error messages.
Java is ubiquitous. It has been around since 1995 and remains among the most popular programming languages in the world.
The flaw allows a malicious actor to turn the error-logging tool into an open door to a target’s network, where the actor would be able to remotely execute code and take over control of a vulnerable system.
Applications that use LOG4j (2.14.1 or older) can be vulnerable to simple attacks, which can enable remote code execution.
GrayMatter’s deceptionGUARD does not use Java.
This guide will help you strengthen your industrial network’s defenses and improve your ability to detect and combat current and future LOG4j attacks.
Using deceptionGUARD by GrayMatter, this guide will help you strengthen your industrial network's defenses and improve your ability to detect and combat current and future LOG4j attacks.
About deceptionGUARD /// 4
Step 1: LOG4j Network Ports /// 5
Where to Use Network Port Context Groups /// 6
Create Your Own Network Port Context Group /// 8
Step 2: Known LOG4j Countries List /// 9
Custom Rule Example /// 10
Creating LOG4j Country Groups /// 11
Step 3: LOG4j IP/deceptionGUARD Threat Intelligence /// 13
Step 4: Known LOG4j Businesses - Creating or Importing GNL Context Groups /// 14
Current LOG4j Businesses List /// 15 - 16
Creating LOG4j Business Context Groups /// 17
Step 5: Creating Sensors to Detect LOG4j Activity /// 18 - 19
Step 6: Creating Dashboards to Monitor LOG4j Activity /// 20
About GrayMatter /// 21