Check Point: Almost half of German companies affected by Log4J gap

Check Point: Knapp die Hälfte der deutschen Firmen von Log4J-Lücke betroffen

Log4shell

The security researchers at Check Point Research (CPR) are intensively investigating the LOG4J vulnerability in Java, which is currently making headlines. The most important findings for Germany:

  • In Germany, 45 percent of all company networks detected by Check Point were attacked.
  • In Austria, the figure is 46 percent, in Switzerland – 40 percent.
  • Worldwide, the average is 40 percent. In Europe, at 42.2 percent.
  • At one point, the security researchers even register 100 attacks per minute.
  • Check Point has now registered around 846,000 attacks, 72 hours after the first attack.
  • 46 Percent of the attacks originated from well-known hacker groups.
  • After 72 hours, there were already over 60 new variants of the attack.

Lotem Finkelsteen, Head of Threat Intelligence at Check Point Software Technologies

Lotem Finkelsteen, Head of Threat Intelligence at Check Point Software , explains: “This is one of the most serious security vulnerabilities in recent years, which is spreading like wildfire. At one point, there were over 100 attacks per minute related to the LOG4J vulnerability. It seems to be an evolutionary campaign, as new variants of the original attack were introduced in a very short time – over 60 in 72 hours. This variety of combinations of how the vulnerability can be exploited gives the attacker many ways to circumvent newly introduced protective measures. This means that one protective layer is not enough and only a multi-layered security architecture provides a resilient defense.
Unlike other major IT attacks that affect one or a limited number of software, Log4J is basically embedded in any Java-based product or web service. It is very difficult to fix them manually. Once an investigation had been published (in this case last Friday), the Internet was scoured to determine the surfaces vulnerable to this incident. Those who do not want to implement protection are probably already being checked by hackers. We have already documented over 846,000 attacks that have attacked over 40 percent of corporate networks worldwide.

One thing is certain: this vulnerability will accompany us for years due to the complexity of its elimination and the simplicity with which it can be exploited – unless companies and services immediately take measures to prevent attacks on their products by implementing effective protection. This is especially important during the holiday period, when IT security departments work more slowly.“

Affected entrepreneurs can contact the Incident Response Team of Check Point for help: https://www.checkpoint.com/support-services/threatcloud-incident-response / .

Ready to see us in action:

More To Explore

IWanta.tech
Logo
Enable registration in settings - general
Have any project in mind?

Contact us:

small_c_popup.png