Community Shield® Dashboard: Log4j

The Dashboard is Interactive: Select data from any panel to filter displayed data across all panels. Filter by date, source country, source ASN organization, source IP address, destination port and threat feed (most recent 36 hours only). Select multiple data points from one or more panels by holding Ctrl and clicking the data points you want to display. The data is updated hourly, and time is presented in EST (UTC-5:00). While accessible via mobile devices, Microsoft Power BI dashboards provide the optimum user experience on desktop.

Community Shield® Defending Log4j in Real Time

While many people tried to enjoy some time off over the recent holiday season, you can bet many cybersecurity pros were hard at work. The Log4j vulnerability made sure of that. As the Washington Post put it, “The cybersecurity world is starting off 2022 in crisis mode.” Fortunately, Calyptix’s Community Shield® offers real-time updates to help small and midsized businesses protect each other from cyber threats and criminals attempting to identify and exploit the Log4j vulnerability.

Calyptix developed and launched the Community Shield® in 2021 so that when attackers conduct reconnaissance or attack any member of our community, we all get protected. Working together only makes sense as those responsible for network security are so often in crisis mode. As Jake Williams, a former National Security Agency (NSA) cyber operator and founder of the firm Rendition Infosec, told the Post, “anyone looking for calm rather than the storm in cyber is in the wrong field.”

So, while we can’t promise calm, our Community Shield® dashboards provide a unique and actionable perspective into the ongoing activities associated with this vulnerability. The Community Shield® leverages our AccessEnforcers, our flagship firewall UTMs, to automate protection, detection, and prevention with shared cyber threat intelligence.

 

Blocking inbound and outbound traffic with malicious infrastructure protects small businesses from threat actors actively targeting the industries we support. With the Community Shield®, each AccessEnforcer is regularly updated with the latest malicious IP addresses based on insights gained from our customers. We also supplement our organic threat feeds with carefully curated external feeds. All this threat intelligence is reflected in the interactive dashboards Calyptix launched following the December disclosure of the Log4j vulnerability.

Community Shield® Log4j Dashboard

Since its activation, the Calyptix Community Shield® Log4j Dashboard has tracked over 4,000 unique IP addresses attacking small businesses through Log4j reconnaissance and exploitation attempts, triggering almost 2 million alerts.

The Community Shield® Log4j Dashboard provides interactive highlights for the count of unique source IP addresses and related inbound alert activity blocked from our Log4j threat feeds, including IPs from our Community Shield® and External Threat Feeds. As new threat actors are identified, their unique IP addresses are added in real time to a threat feed.

Log4j Threat Feeds Dashboard

The Log4j Threat Feeds Dashboard shows the total number of unique IP addresses by threat feed over time, distinguishing between the Calyptix Community Shield® Log4j Threat Feed and External Log4j Threat Feeds. Threat feed counts are updated daily.

The value of information sharing

Furthering Calyptix’s mission of improving cybersecurity for all, our Founder, Lawrence Teo, recently shared a list of 399 known bad source IPs for the Log4j vulnerability, which is freely available on GitHub in CSV format. The list excludes IP addresses from lists already provided by other sources.

https://gist.github.com/lteo/0112514dfbc20860a768ff2669c15c1a

Teo has been working for decades to research [1], create, and patent [2] network security for small organizations. Community Shield® is the real-world implementation of his distributed cyber security system leveraging information sharing.

Calyptix plans to provide more public and private dashboards in the future, providing timely insights into the threats actively targeting small businesses and related industries.

As the Log4j vulnerability evolves and new exploits are identified, Calyptix will continue to provide dashboards offering a unique and actionable perspective into ongoing cyberthreat activities. Meanwhile, with the Community Shield®, we encourage small businesses to work together to improve network protection against both this vulnerability and future ones to come.

[1] Lawrence Teo, “Internet-scale Intrusion Detection and Prevention”, Ph.D. Dissertation, Department of Software and Information Systems, University of North Carolina at Charlotte, May 2006.
[2] Lawrence Teo (2011). Systems and methods for enhanced network security (US Patent No. 8,065,725). U.S. Patent and Trademark Office.

Written by Calyptix - January 5, 2022

About Us

Calyptix Security helps small and medium offices secure their networks so they can raise profits, protect investments, and control technology. Our customers do not waste time with security products designed for large enterprises. Instead, we make it easy for SMBs to protect and manage networks of up to 350 users.