As if one pandemic wasn’t enough, there’s now also a cyber-pandemic whose scale is increasing at an exponential rate. The cause of this digital pandemic is a zero-day vulnerability in Java-based logging utility called Log4j. This open-source software allows software developers to log data within their applications, and it has been widely used since its release in 2001.
The vulnerability was disclosed on December 9 by the Alibaba Cloud Security Team, which named it Log4Shell (CVE-2021-44228). Two days later, cybersecurity company Tenable described it as “the single biggest, most critical vulnerability of the last decade”.
Since then, the vulnerability has affected many major tech players, including Amazon Web Services, Adobe, Broadcom, Cisco, Docker, F-Secure, IBM, Juniper Networks, Oracle, Red Hat, Siemens, SolarWinds, Sophos, Ubiquiti, Zoho, and others.
“It’s ubiquitous” said Chris Eng, chief research officer at cybersecurity firm Veracode, in an interview for CNN Business. Even if you’re a developer who doesn’t use Log4j directly, you might still be running the vulnerable code because one of the open-source libraries you use depends on Log4j”.
In addition to affecting large swaths of the global IT infrastructure, the Log4Shell vulnerability is also extremely severe because it involves arbitrary code execution. In other words, it makes it possible for attackers to make the vulnerable system do anything they want.
That’s why the Cybersecurity and Infrastructure Security Agency (CISA), the Canadian Centre for Cyber Security (CCCS), and Germany’s Bundesamt für Sicherheit in der Informationstechnik (BSI) have all called on organizations to take on immediate action and install the available fixes, which were released three days before the vulnerability was published.
Still, attackers have already successfully exploited the vulnerability to steal sensitive data, extract system credentials, install backdoors, and run crypto miners. Some of the largest botnets in the world are now scanning for the vulnerability, and almost half of all corporate networks have already been probed.
Because of how widespread Log4j is, experts estimate that it may take years to hunt down all vulnerable instances and patch them. Until that happens, cybercriminals will be on a hunt as well, ready to exploit them.
ABB E-mobility Delivers Its Millionth EV Charger
Continued growth has been facilitated by doubling production capacity after the launch of the company’s new DC fast charger facility in Valdarno, Italy.
ABB is a leader in electrification and automation solutions and has just announced the delivery of its millionth electric vehicle charger — the latest milestone in the company’s ongoing mission to create an emission-free future using smart and reliable EV charging solutions.
ABB currently boasts a presence in over 85 markets. After the launch of the company’s new $30 million, 16,000 squared meter production facility in Valdarno, Italy, production capacity has doubled over the last two years. The cutting-edge manufacturing plant recently set a new benchmark for the EV sector, producing a fast charger unit every 20 minutes, thanks to the high-tech factory’s seven simultaneous production lines.
“While our continual investment in research and development shows our ongoing commitment to enhance the field of e-mobility, the global delivery of these solutions at scale is integral to the realization of our goals. I want to thank our customers globally for their continued collaboration in hitting this one millionth charger milestone. I look forward to the millions yet to come, and to the cleaner, greener world they will help create,” says Frank Mühlon, ABB E-mobility CEO.
In the United Arab Emirates, ABB has installed over 80 fast and high-power DC charging stations, making it one of the largest projects from a single brand in the region. The biggest station is in Yas, Abu Dhabi, and offers 20 DC fast and high-power chargers for owners of emissions-free vehicles.
“We are proud that ABB chargers are today powering electric vehicles across strategic locations in the country, including the sites of the Dubai Utility provider, DEWA, and Abu Dhabi National Oil Company. Most of the car manufacturers and dealers in the UAE have ABB chargers in their showrooms and as well as car parking areas. We are confident ABB’s technical know-how, products, and research in the field of E-Mobility will continue to support the decision-makers in the Middle East to drive the transition to an emission-free future,” says Ahmed Abdu, E-mobility division lead, MENA region.
In addition to its Italian facility, ABB E-mobility has continued its global expansion. Earlier this month, the company announced a new United States facility that will eventually turn out over 10,000 chargers per year for the public sector, providing power to school buses and other fleets. As well as expansion into the USA, ABB E-mobility’s stake in Chinese charging provider, Chargedot, opens up another lucrative market for the EV charging giant.