Kronos Hack

December 17, 2021

Dear Valued ARUP Client,

On December 10, 2021, a Common Vulnerability and Exposure (CVE) alert was issued from NIST related to Apache Log4j, CVE-2021-44228.  The exploit was in the Log4j Java library, potentially allowing attackers to take control of systems and execute malicious commands. When received, ARUP’s internal security team activated our assessment processes to determine impacts and identify impacted systems and remediate as discovered.  We have not found or detected any evidence of Log4j being exploited across our environment.

Currently, our teams continue to perform the following activities:

  • Continually monitor the evolving situation related to the Log4j vulnerability from multiple security feeds and security vendors
  • Reviewing all platforms to ensure they are not impacted by the vulnerability and remediating as issue are found
  • Working closely with vendors and partners to ensure the latest patches, recommendations and workarounds are in place
  • Continuously monitoring our environment for any indications of the vulnerability being exploited
  • Ensuring all security monitoring and defensive platforms have the last policies in place to protect our environment
  • Adjusting response plans as the situation evolves and new findings are published

We understand the concern this vulnerability has created across all organizations and are working to ensure our platforms are not impacted.  We appreciate your concern and want to assure you we are taking the appropriate actions to protect data from evolving threats that are taking place. Please contact me with further questions.

Thank you,

Bryce Limb
IT Infrastructure Director