It is the most critical vulnerability discovered in years. Countless companies around the world are vulnerable and the situation is developing rapidly. Mandiant has identified that Chinese and Iranian government actors are already exploiting the vulnerability in log4j.
John Hultquist, VP of Intelligence Analysis at Mandiant, on the latest insights:
“We know that Chinese and Iranian government actors are exploiting this vulnerability, and we assume that other state actors are doing the same or are preparing for it. We believe these actors will act quickly to gain a foothold in coveted networks. With your foot in the door you can then undertake follow-up activities that may take some time. In some cases, they will work off a wish list of targets that existed long before the vulnerability was discovered. In other cases, desirable goals will be selected after broad goal setting.
The Iranian actors that we have linked to this vulnerability are particularly aggressive. You have participated in ransomware operations which are carried out primarily for malicious purposes rather than for financial gain. They are also associated with more traditional cyber espionage. ”- John Hultquist, VP of Intelligence Analysis at Mandiant.
More at Mandiant.com
About Mandiant Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response. With decades of experience on the cyber frontline, Mandiant helps organizations confidently and proactively defend against cyber threats and respond to attacks. Mandiant is now part of Google Cloud.