Cybersecurity, Iezzi (Swascan): “A real red alert has been launched by the National Agency”

“The one launched by the National Cybersecurity Agency is a real red alert. The IT systems of leading global companies are at risk”. Pierguido Iezzi, CEO of Swascan, a company of the Italian cybersecurity hub of the Tinexta Group, comments on the notice launched today by the National Cybersecurity Agency to Adnkronos. “On December 9, 2021 – continues Iezzi – a zero-day exploit was made public that affected the popular Apache Log4j utility (CVE-2021-44228). This exploit allows the execution of unauthorized code: the vulnerability is extremely critical” . “The zero day that activated the maximum alert of all the structures set up for Cyber ​​Security worldwide – explains Iezzi – is in fact part of the risks associated with the use of third-party software, another aspect of the risk associated with the Supply Chain. risk that we have had to manage and face in the last year, passing from the Solarwind cases to the Kaseya case. We are talking about leading companies – continues Iezzi – from Twitter, Microsoft, Amazon, Apple’s iCloud, Steam. on thousands of other known and lesser known companies. This vulnerability allows the attacker to remotely execute unauthorized commands on the vulnerable target system. The attacker thus has full access to the machine. He will be able to steal the data, transform it into a vector of attack, and move sideways within the infrastructure to carry out malicious actions based on the type of Threat actor (espionage, cybercrime, hacktivism, cyber warfare …). “The Security O Swascan peration Center (Soc) – adds Iezzi – has supported its customers since Friday evening by activating the Containment and Investigation actions in line with the reference standards and best practices. The hyper-connection of heterogeneous and very often obsolete systems means that situations of this type are and will be a constant in our daily life. The coordinating role of the National Cybersecurity Agency is essential – concludes Iezzi – but at the same time it is necessary for companies to adopt a cyber security framework that must necessarily be based on Predictive Security (Threat Intelligence), Preventive Security (Security Testing and Training) and Proactive Security (Security Operation Center) “.