Log4j raises cyber risk for public finance entities, Fitch warns

January 19, 2022

Cybersecurity Dive

The Log4j vulnerability may expose public finance entities, including local governments, utilities and infrastructure to serious cyber risk, putting pressure on their operations and finances as bad actors feel emboldened to launch ransomware or other malicious attacks, according to Fitch Ratings.

Many local agencies and facilities have high exposure to Log4j, which is found in hundreds of millions of devices and applications around the world. Many of these organizations have a limited number of information security experts on staff, use legacy technology and lack the resources to rapidly assess their level of exposure to the vulnerability, according to Omid Rahmani, associate director, U.S. public finance at Fitch.