NRB responds promptly to vulnerability in LOG4J software

 

The vulnerability was discovered in Log4j (version 2 to 2.15). Log4j is a standard function in a Java stack, the most widespread middleware for software development, that allows logging to take place. The vulnerability is especially a risk for web servers - mostly Apache servers - where it allows an external user to take over administration rights of the server in this way. 

On Saturday night the first alerts came in to NRB's security team. This was immediately investigated and confirmed on Sunday morning by NRB's threat list system, including the CERT advisories. The security team took immediate action. All accesses to the applications and systems were put on the highest level of alert. Antivirus agents were given the necessary updates. An inventory was made of all applications using log4j and the necessary updates were made with the patches provided by the suppliers of the systems concerned. 

 

NRB has carried out systematic research and penetration tests on the systems and applications of NRB and its clients. This showed that some attacks were indeed detected but that none were successful. The plan of remediation has been drawn up. All relevant systems of the organizations under the care of NRB were addressed. The other customers have been addressed and will receive the necessary instructions and patches (which are also available via this link on the portal of Cybersecurity Center Belgium). 

 

NRB clients can of course always contact their usual Service Delivery Manager or Business Development manager and the NRB hotline remains at their disposal. 

Needless to say, NRB is open to give advice or help where possible to all other organizations or companies, who can always contact our security team at IT-security@nrb.be with their questions.

 

The NRB Security team