Christmas came early this past December! By that I mean, the attacks that we’ve come to expect from our “frenemies” — the Chinese nation-state attackers who historically strike on this holiday — made themselves felt the week before. They weren’t the only ones reputedly attempting to capitalize on the Log4j vulnerability. The associated numbers were so great that the peal of “The internet is on fire!” rang out from around the globe. It wasn’t long until the words of the poet Rudyard Kipling came to mind: “If you can keep your head when all about you are losing theirs...”
In addition to being touted by many as perhaps the greatest security challenge this generation will have known, the Log4j vulnerability punctuated an awareness already brought to the forefront by the recent cybersecurity executive order, which declares the growing importance that must be ascribed, in an ever-more-connected world, to supply chain security and the criticality of open-source software resident in that chain.