Investigation targets private and public cybersecurity threats

The US Department of Justice and Department of Homeland Security have launched a joint national appeal for potential victims and information on the global vulnerability of Log4j software which is exploited by hackers and foreign intelligence agencies in an attempt to accessing and disrupting US corporate and government networks and systems.

Log4j is a utility found in cloud servers and enterprise software used by private companies, counties, states and federal governments, according to the Associated Press. It is ranked by law enforcement and information technology security officials as the worst IT vulnerability discovered in years.

Unless it is found and repaired, it gives cybercriminals, foreign intelligence agents, and programming novices easy access to internal networks where they can steal valuable data, implant malware, erase information, and perform operations. other operations, the AP reported.

The U.S. Indo-Pacific Command Public Affairs said on Thursday that it had not performed an assessment of Hawaii’s assets to determine whether the Hawaii Department of Defense was experiencing any disruption or intrusion into the system, the network, applications or operations due to the Apache Log4j vulnerability.

INDOPACOM is also assessing whether the recent global attack on cloud-based Kronos software – used by businesses and governments to track work times, time off requests and workforce management – has affected DOD operations.

The Kronos attack recently forced more than 8,000 employees of The Queen’s Health Systems, 400 to 500 employees of the Honolulu Board of Water Supply, 250 employees of the city’s emergency medical services division and 400 employees of the Department of Health to use manual timing instead. and paycheck payroll transactions.

Vincent Hoang, chief information security officer at the State Bureau of Enterprise Technology Services, said Thursday that state networks and systems do not appear to be affected by the Log4j vulnerability.

“At this point, we have not experienced any operational impact from the current Log4j vulnerabilities. We continue to work closely with federal and industry partners who provide advice and assistance to resolve issues that may arise, ”Hoang said.

Mark D. Wong, chief information officer and director of the city’s information technology department, said the city has a process to find vulnerabilities.

First, workers scan security support sites for vulnerable applications and available patches. Sometimes the vendor or the security community directly informs the department, Wong said.

“Another way to check for potential issues is to scan all of our servers for instances of files that are associated with a vulnerability. Finally, we perform a deep network scan to find vulnerable applications. This approach works for a wide range of vulnerabilities, not just Log4j, ”said Wong.

Members of the Hawaii Chamber of Commerce and the Retail Merchants Association of Hawaii reported no impact.

According to the Cybersecurity and Infrastructure Security Agency, Log4j is “widely used in a variety of consumer and business services, websites and applications.”

The Federal Bureau of Investigation and the CISA are researching US government agencies, businesses, and individuals who believe they have been victims of the software vulnerability.

“If you believe that your systems have been compromised due to the Log4j vulnerability or if you are looking to address it, we encourage you to use all recommended mitigation measures and follow CISA guidelines“said an FBI statement.

“If you believe your organization has been compromised due to the Log4j vulnerability, visit fbi.gov/log4j report to the FBI. Please include as much information as possible to help the FBI and CISA determine the priority for victim outreach.

CISA and the Joint Cyber ​​Defense Collaborative are responding to the active and widespread exploitation of Apache’s Log4j software library, versions 2.0-beta9 through 2.14.1, known as Log4Shell, according to an article published on the site Thursday. CISA Web.

Log4Shell has been configured to distribute ransomware and is also used by foreign intelligence agencies who partner with like-minded hacking gangs to hammer US networks and operating systems with an endless barrage of cyber attacks.