One month on, is Log4Shell the calm before a ransomware storm?

07/01/2022

What is it?

Log4Shell is a so-called zero-day vulnerability — named as such since affected organisations have zero days to patch their systems — that allows attackers to remotely run code on vulnerable servers running Log4j, which developers use to keep a record of what’s happening inside an application as it runs. The vulnerability is tracked as CVE-2021-44228 and was given the maximum 10.0 severity rating, meaning attackers can remotely take full control of a vulnerable system over the internet without any interaction from the victim — and it doesn’t require much skill to pull it off.

 

Who’s affected?

Since the news of Log4Shell first broke, the growing number of victims suggests thousands of big-name companies and services are likely affected by the flaw. Many of these companies have been quick to act. The Apache Software Foundation, which maintains the Log4j software, released an emergency security patch, as well as mitigation steps for those unable to update immediately. There are also a number of third-party mitigations available. However, given the wide-ranging nature of Log4Shell, and the likelihood that ransomware will follow, this is likely to be the calm before the storm. Patching or mitigating the vulnerability should be at the top of every security team’s priority list.

 

Insurance

Cyber insurance remains a key part of any prudent business’s insurance protection. If you don’t have it, you should get cover in place. While cover can protect you from the worst of the financial impact, the specialist response services provided through most high-quality policies are even more important. You must, however, continue to act as if uninsured by making sure you have requested and installed security patches. Some policies may exclude cover if you fail to do this. Please speak with a member of our team if you want to know more. Please also refer to the information and guidance issued by the National Cyber Security Centre.

 
