Storable Responds to Log4J Software Vulnerability
A newly uncovered computer vulnerability is setting off alarm bells throughout the business world, as a flood of cybercriminals rush to exploit it.
The vulnerability was found in a Java software utility called Log4j. The open-source code is used extensively by commercial software developers and powers everything from web cams to industrial control systems.
Simply put, the code is used to log user activity. However, attackers can use the exploit to take over critical systems without a password or inject malware directly on infiltrated computers. Already close to half of corporate networks have experienced an attempted attack using this exploit, making efforts to address the vulnerability a top priority for companies around the world.
At Storable, we take any security threat seriously and take all actions necessary to keep our clients safe. In the spirit of transparency, this post summarizes the results of our investigation to date and recommended steps for customers.
On Friday, December 10, 2021, the Storable cyber security team became aware of a critical vulnerability in the Apache Log4j2 java library (CVE-2021-44228). We immediately initiated our incident response process to determine our usage of this library and its impact across Storable, our products and our infrastructure.
Facility management software
Storable’s family of facility management software products includes Sitelink, storEDGE and Easy Storage Solutions. None of these FMS solutions are written in Java nor do they utilize the affected Log4j2 java library. We identified one (1) third-party tool used internally in support of our FMS software that was affected by the Log4j2 vulnerability. The vulnerability has been addressed.
We identified two (2) third-party software products used internally in support of the marketplace website that were affected by the Log4j2 vulnerability. The vulnerability has been addressed in both of these products.
None of Storable’s websites products are impacted by the Log4j2 vulnerability.
None of Storable’s insurance products are impacted by the Log4j2 vulnerability.
None of Storable’s payment processing products are impacted by the Log4j2 vulnerability.
All hands on deck
Storable’s cyber security team continues to investigate our exposure to this vulnerability and we will provide further updates if any new risk to our users or our products is identified. We also monitor our IT environment 24x7x365 for threat activity so that we can respond quickly to any identified malicious activity. At this time, we are not aware of any vulnerabilities in our IT environment related to the CVE-2021-44228. Storable customers should feel confident using our products knowing that we are taking appropriate measures to address this widespread vulnerability.
Why Going Green is a Golden Opportunity for Self-Storage Operators
Changes in climate have knock down effects that impact local economies, of which self-storage operators are not immune. Read on to learn how embracing sustainability makes good business sense for the storage industry. Keep Reading
Storage Monitor: An End of Summer Look at Pricing and Occupancy
With the peak leasing season behind us, let’s take a closer look at pricing and occupancy trends to see where the industry stands as it heads into the fall. Keep Reading
A.I. in the Self-Storage Industry: Separating Hype from Reality
Considering automating your self-storage access management? Learn how you can boost occupancy, efficiency, and revenue with automated access control. Keep Reading