- The best robot vacuums for pet hair of 2024: Expert tested and reviewed
- These Sony headphones eased my XM5 envy with all-day comfort and plenty of bass
- I compared a $190 robot vacuum to a $550 one. Here's my buying advice
- I finally found a reliable wireless charger for all of my Google devices - including the Pixel Watch
- 6 ways to turn your IT help desk into a strategic asset
Cyber-Attack on Belgium’s Military
Threat actors have exploited a vulnerability in Log4j software to wage a cyber-attack on Belgium’s Defense Ministry.
The attack began on December 16 and was confirmed by Belgium’s Ministry of Defense on Monday.
Speaking to the AFP in Brussels on Tuesday, Belgian military spokesman Commander Olivier Séverin said that the incident had caused damage to services that were connected to the internet, paralyzing part of the ministry’s activities.
He added that five days after the attack began, analysis of the incident was still being carried out and the process of restoring disrupted services remained ongoing.
Séverin did not shed any light on who may have been responsible for the cyber-attack.
A spokesperson for Belgian Defense Minister Ludivine Dedonder said that “the ministry’s teams have been working hard in past days to secure its networks” and that the Belgian government will continue to invest in cybersecurity defenses.
Log4j is a Java-based logging library that tracks system processes. Security teams around the world have been working to secure their systems after multiple vulnerabilities were discovered in Log4j earlier this month.
Mike Saxton, chief technologist at Booz Allen and director of Federal Threat Hunt and Digital Forensics and Incident Response (DFIR) urged organizations to act now to mitigate the Log4j vulnerability.
“Most immediately, organizations must establish and see through a plan that begins with the following: 1) Implementing sensor blocks; 2) Disabling Log4J; 3) Identifying and patching vulnerable versions; 4) Disabling JNDI lookups; 5) Disabling remote codebases; 6) Performing scan with updated vulnerability management templates; 7) Performing searches and analysis of all security logs for evidence of enumeration or compromise; 8) Consolidating, communicating, and disseminating updated threat intel associated with Log4j; 9) Tracking all remediation and mitigation efforts and tasks; 10) Continuing to apply up-to-date blocking measures; 11) Monitoring LDAP traffic; and 12) Moving vulnerable systems behind additional firewalls,” said Saxton.
He added: “This list may seem overwhelming, but it should be viewed as a template rather than a checklist that organizations can follow.”
In the long term, Saxton advised organizations to move to a persistent threat hunt model and to work under the assumption that their vulnerable assets will be breached.