Geopolitics Is Changing the Business Landscape. Companies Cannot Afford to Ignore the Risks.

“The war in Ukraine was a wake-up call as to how entire industries can unravel in response to a geopolitical crisis.” 

For chief security officers, human resources professionals, and anyone responsible for keeping their workforce safe while overseas, geopolitics matters now more than ever. In an op-ed for Business Travel News, Global Guardian CEO Dale Buckner discusses current threats that corporate leaders should be tracking—including the second and third-order effects—and why it’s critical to ensure the proper contingency and emergency response plans are in place.

Remote Work, Return to Travel Increase Cyber Attacks in 2022

“A cybersecurity system that fails to account for the human condition will ultimately fail.”

As corporate travel sees a resurgence and many workers continue to work remotely, it’s critical that companies invest the time, effort, and money to address cyber vulnerabilities and defenses right down to the end user no matter where they are in the world. In an op-ed article for Business Travel News What to Watch 2022, Global Guardian CEO Dale Buckner discusses why cybercrime will continue to be a major challenge this year and how organizations should prepare.

INCIDENT

On 09 December 2021, sources identified a significant security flaw within the popular online game Minecraft. The bug allowed attackers to change messaging settings that made the Log4j logging application connect to external addresses, allowing attackers access to the system.

Tracked CVE-2021-22448 (CVSS score: 10.0), the flaw concerns a case of remote code execution in Log4j, a Java-based open-source Apache logging framework broadly used in enterprise environment applications to record events and messages generated by software applications. Because Log4j is open source (free), it is used widely. Apache Log4j is part of the Apache Logging Project. By and large, usage of this library is one of the easiest ways to log errors, which is why most Java developers use it. Many large software companies and online services use the Log4j library: Amazon, Apple iCloud, Cisco, Cloudflare, ElasticSearch, Red Hat, Steam, Tesla, Twitter, and many more. The bug has scored a perfect 10 of 10 in the Common Vulnerability Scoring System (CVSS) rating system, indicative of the severity of the issue.

Since its initial discovery, intelligence suggests that the vulnerability has been built into Linux-based high speed robot networks (botnets), and is exploiting industrial controls, internet of things devices, and now, crypto mining systems.

Global Guardian has been actively monitoring this activity beginning approximately 24 hours before it was publicly announced, having received advanced notice from confidential intelligence sources. To date, we have blocked all known events for our current Cyber Security clients and are actively protecting all network and devices from this vulnerability through firewalls and secure workstation security software.

CORRECTIVE ACTION

The Cybersecurity and Infrastructure Security Agency (CISA) has provided Apache Log4j Vulnerability Guidance. To view, click here. In addition, we recommend:

• You disallow any gaming in your environment and close all running instances of the game and the Minecraft Launcher. Users will need to start the Launcher again, following which the patched version will download automatically.
• Anyone with an application containing Log4j immediately pays attention to this vulnerability and ensure you have a web application firewall (WAF) installed. If you have any questions, contact our team today. Global Guardian can provide guidance on installing firewalls and securing your networks. 

Over the past week, the Federal Bureau of Investigation (FBI), Department of Homeland Security’s (DHS) Cybersecurity & Infrastructure Security Agency (CISA) and the Office of the Director of National Intelligence (ODNI) announced a significant and sustained cyber-attack. CISA issued Emergency Directive 21-01 in response to a known attack against SolarWinds, an American software company that helps businesses manage their networks. 

The COVID-19 virus has spawned a wave of cyberattacks, including new tactics that are targeting businesses and individuals and are posing new security challenges.

As confirmed COVID-19 cases continue to grow, uncertainty remains around how long this will last, how it will continue to unfold, and what the socio-economic ramifications will look like.

At Global Guardian, your safety is our top priority. As the COVID-19 pandemic continues to be felt across the globe and we navigate these unprecedented times, I wanted to personally reach out to assure you that we remain ready to serve you at a moment’s notice.