
Check Point Log4j Protection: Is Check Point Affected by the Log4j Vulnerability?

Cybersecurity firm Check Point Research has released fresh statistics from 2021 revealing that among its clients, there was a considerable increase in overall cyberattacks per week on business networks compared to 2020.

Researchers attributed part of the spike, which was concentrated at the end of the year, to the Log4j vulnerability identified in December. Check Point noted in a report that 2021 was a record-breaking year for cyberattacks and that the Log4j vulnerability only made things worse.

“When comparing last year to 2020, we witnessed a startling 50 percent increase in the number of cyberattacks on corporate networks every week — this is a huge increase. We witnessed a spike in the number of cyberattacks towards the end of the year, mostly as a result of attempts to exploit the Log4j vulnerability,” said Omer Dembinsky, data research manager at Check Point Software.

“Hackers’ ability to carry out harmful objectives has been greatly aided by the development of new penetration and evasion techniques. What’s most frightening is that we’re seeing certain vital socioeconomic businesses rise onto the most assaulted list. The education, government, and healthcare businesses all made it into the top five most targeted industries list around the world.”

Check Point reported that for 2021, overall attacks per week on corporate networks climbed 50 percent compared to 2020, and in Q4, they recorded an all-time high in weekly cyberattacks per organization of 925.

Check Point’s customers in the education and research arena dealt with an average of 1,605 threats per organization every week, the greatest volume of attacks they saw. This represents a 75 percent increase compared to 2020.

The government, defense, military, and communications industries were not far behind, averaging roughly 1,100 attacks weekly per company.

When they split their internal data down by geography, they found organizations on the African continent faced the largest volume of attacks in 2021, with an average of 1,582 weekly attacks per business. Organizations in the APAC area witnessed an average of 1,353 weekly attacks per organization, while Latin America dealt with 1,118 attacks weekly and Europe saw 670 attacks weekly. North America was last with a weekly average of 503.

What Happened?

On December 9th, an acute remote code execution (RCE) vulnerability was disclosed in the Apache logging package Log4j 2 versions 2.14.1 and lower (CVE-2021-44228).
Apache Log4j is the most popular Java logging library with over 400,000 downloads from its GitHub project. It is used by a vast number of companies globally, enabling logging in a wide set of popular applications.
Exploiting this vulnerability is simple and allows threat actors to take control of Java-based web servers and perform remote code execution attacks.
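To act on the affected range given above, the following added example (not from Check Point or the original article) inventories log4j-core jars bundled inside application archives, including jars nested within other jars, and flags versions 2.14.1 and lower. The 64 MB size limit, the function names and the sample WAR are assumptions made for illustration.

```python
import io
import re
import zipfile
# Affected range as stated in the article: Log4j 2 versions 2.14.1 and lower.
LAST_AFFECTED = (2, 14, 1)
MAX_NESTED_BYTES = 64 * 1024 * 1024  # assumption: skip oversized nested entries
JAR_NAME = re.compile(r"(?:^|/)log4j-core-(\d+)\.(\d+)(?:\.(\d+))?[^/]*\.jar$")

def core_version(name):
    """Return (major, minor, patch) when name is a log4j-core jar, else None."""
    m = JAR_NAME.search(name)
    return tuple(int(p or 0) for p in m.groups()) if m else None

def is_affected(version):
    return version[0] == 2 and version <= LAST_AFFECTED

def scan_archive(data, label, depth=3):
    """List (path, version, affected) for log4j-core jars nested inside an archive."""
    findings = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings
    with zf:
        for info in zf.infolist():
            name = info.filename
            if not name.lower().endswith((".jar", ".war", ".ear")):
                continue
            path = f"{label}!/{name}"
            version = core_version(name)
            if version:
                findings.append((path, version, is_affected(version)))
            if depth > 0 and info.file_size <= MAX_NESTED_BYTES:
                findings += scan_archive(zf.read(info), path, depth - 1)
    return findings

def build_sample_war():
    """Constructed sample: a WAR with two log4j-core jars, one inside a nested jar."""
    def make_zip(entries):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            for entry_name, payload in entries.items():
                zf.writestr(entry_name, payload)
        return buf.getvalue()
    inner = make_zip({"lib/log4j-core-2.14.1.jar": make_zip({})})
    return make_zip({"lib/plugin.jar": inner, "lib/log4j-core-2.17.0.jar": make_zip({})})

if __name__ == "__main__":
    for path, version, affected in scan_archive(build_sample_war(), "app.war"):
        print("AFFECTED" if affected else "ok", ".".join(map(str, version)), path)
```

The check relies on jar file names only, so a renamed or shaded copy of the library would not be reported.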

The Log4j library is incorporated in practically every Internet service or application we are familiar with, including Twitter, Amazon, Microsoft, Minecraft, and more.
At present, most of the attacks focus on cryptocurrency mining at the victims' expense; however, under cover of that noise, more advanced attackers may act aggressively against high-value targets.

Since Friday we have watched what appears like evolutionary repression, with new variations of the initial exploit being produced rapidly: over 60 in less than 24 hours.
For example, it can be exploited either over HTTP or HTTPS (the encrypted version of browsing). The number of ways to exploit it gives the attacker several alternatives for evading newly installed defenses. It suggests that one layer of protection is not enough and only a multi-layered security posture will provide a resilient defense.

Check Point’s Infinity Platform is the only security platform that offers pre-emptive protection for customers against the latest Log4j attack (Log4Shell). Leveraging contextual AI, the platform delivers precise prevention of even the most complex emerging threats, without creating false positives. Customer web applications stay safe because the protection updates automatically, without the need for human interaction or rule sets, as the app and threat ecosystem evolves and expands.

How Can You Remain Protected?

Check Point has already announced a new Quantum Gateway protection powered by ThreatCloud, designed to prevent this attack; by using it, you’ll stay secure.
If your Quantum gateways are updated with automated new protections, you are already covered. Otherwise, you need to implement the new protection by following the rules here. We advise IT and Security teams to take quick remediation action.

Is Check Point Affected by the Log4j Vulnerability?

The Check Point Infinity design is not affected by the Log4j vulnerability.
We thoroughly validated that the vulnerability does not affect our Infinity portfolio including Quantum Gateways, SMART Management, Harmony Endpoint, Harmony Mobile, ThreatCloud, and CloudGuard.

The Statistics Behind CVE-2021-44228

This CVE joins the general environment of the cyber pandemic, in which severe vulnerabilities in popular software and services harm a vast number of enterprises.

Since we started to deploy our protection, we have prevented over 4,300,000 attempts to allocate the vulnerability; over 46 percent of those attempts were made by known malicious parties.
So far we have seen attempted exploitation of over 48 percent of corporate networks globally.

What’s Next?

Check Point Research is thoroughly studying the Log4j vulnerability.

Check Point Research (CPR) closely tracks the large-scale scanning and exploit attempts. While the activity as we write these words is limited to scanners and largely crypto mining threat actors, it does not mean more advanced threat actors are just sitting back enjoying the noise. In fact, they are acting secretly behind the scenes.

It is certainly one of the most dangerous vulnerabilities on the internet in recent years.
When we talked about the cyber pandemic, this is exactly what we meant: swiftly spreading, devastating attacks.

How Can Check Point Continue to Support You?

We will continue to update you on any new development in this critical security event.
Our technical support teams are available 24/7, and we are all at your service to make sure you stay secure.
We invite you to visit our dedicated page to learn more about this vulnerability and how Check Point solutions ensure you stay protected.

Final Words:

Check Point based its estimates on its proprietary ThreatCloud platform that gathers data from hundreds of millions of sensors worldwide.

Dembinsky said he expects the numbers to climb for 2022 as hackers “continue to develop and find new techniques to execute cyberattacks, notably ransomware.”

“We are, if you will, experiencing a cyber epidemic. I highly encourage the general public, particularly those working in the school, government, and healthcare sectors, to become familiar with the fundamentals of personal safety,” Dembinsky said. “Simple actions such as patching, segmenting your networks, and educating personnel can go a long way in making the globe safer.”