Measures of a general nature in the form of a public decree were announced by NÚKIB on the website. According to the office, the total number of vulnerable systems can only be estimated at the moment, but there will be hundreds of millions more worldwide.
–
“NÚKIB currently has a high frequency of scanning potentially vulnerable systems in the Czech Republic and a number of active abuses, which are very likely to increase in the coming days. These cases are also reported from foreign partners,” said NÚKIB director Karel Řehka.
–
The vulnerability allows remote code execution on affected systems without any authentication, which can lead to full control of the server, affecting a potentially large number of widely used products and applications that commonly contain this component. The vulnerability can be exploited to automate the spread of malicious programs, data filtering, and the deployment of extortion programs.
–
Impact on the functioning of society as a whole
According to Řehka, the exploitation of vulnerabilities can have an impact on the functioning of the whole society and can endanger not only the systems regulated under the Cyber Security Act. “Therefore, we recommend applying the actions defined by the reactive measure to those entities that do not fall under the regulation,” he said. For example, authorities, ministries and hospitals fall under cyber law.
–
The ordered measures consist mainly in creating backups of information systems, identifying programs that use the vulnerable library in organizations, and updating it. Other measures include restricting outbound communication of vulnerable systems to the Internet and verifying that no attacks have already taken place.
–
The Czechia is the eighth most affected country
The anti-virus company Eset announced on Wednesday that the Czechia is the eighth most affected country in the number of attempts to exploit the mistake. “In our data, we see a significant number of exploitation attempts, where the Czech Republic ranks eighth. For comparison, Japan is in first place, followed by the United States and Poland, Slovakia is in second place in eighteenth place, “said Jiří Kropáč, security analyst at Eset.
–
Eset recommends that system administrators immediately verify that the applications they run use the vulnerable Log4j library. If they register such an application in their system, the application and Log4j must be immediately updated to the highest version, especially if the application is accessible from the Internet. Then you need to thoroughly check that the system has not already been compromised. The detection tools of the updated security software will help here.
–
“An updated version of Log4j is currently available and needs to be installed immediately. Nevertheless, all other safety procedures must be carried out so that any infection in the system can be detected and resolved in a timely manner, “added Kropáč.
—
