|
|
Good afternoon,
I am writing to provide an update on our work to protect CTA systems and applications from the log4shell vulnerability that we informed you about last Friday night.
We have not found any evidence of exploitation or data breach due to this event. We have identified 27 systems for investigation with 8 confirmed as vulnerable. CTA staff have taken action in the following manner:
- 5 systems - Patched or applied workarounds
- 3 systems - Tested and found not vulnerable
- 3 systems - Isolated
- 2 systems - Confirmed as not in our environment
- 7 systems - Isolated & waiting for patches
- 7 systems - Confirmed by vendor as not vulnerable
Based on our quick action and new vulnerability guidance from Cybersecurity and Infrastructure Security Agency (CISA), we feel it is now safe to restore full access to the two systems we isolated on Friday. This will restore offsite access without VPN to Follett’s Destiny and Tyler Content Manager. Out of caution we will continue to block access to CTA's systems to internet addresses outside of North America.
This continues to be a developing situation that we are monitoring. We do recommend that all organizations continue to apply patches to their systems as soon as they are released by vendors. If you need support, please contact our service desk at support@cascadetech.org.
Stuart Long
|
|
|
---------- Forwarded message ---------
From: Stuart Long, Cascade Technology Alliance <stuart.long@cascadetech.org>
Date: Fri, Dec 10, 2021 at 10:04 PM
Subject: CTA Responds to Global Cyber Incident
December 10, 2021
|
|
|
You are receiving this email because you may use a technology application provided by Cascade Technology Alliance at severe risk. A recently discovered vulnerability named “log4j” or “log4shell” is affecting companies and organizations globally.
Due to the severity of this widespread threat, our team is working swiftly to protect our systems from any potential attacks. So far, we have not found any evidence of breaches. Here is what else you need to know about the impacted systems and the steps we are taking:
- Our team has restricted access to three vulnerable systems:
- Follett’s Destiny,
- Tyler Content Manager,
- and CTA’s Helpdesk.
- Access to these systems will not be directly available from locations other than onsite at a K12 school district or ESD.
- Access from offsite will be available if connected to a district VPN.
- Currently only three systems are known as vulnerable and other systems including Visions (excluding TCM) & Synergy are unimpacted and remain available offsite.
- Out of an abundance of caution we are also blocking direct access to other CTA networks and systems from internet addresses outside North America.
This is a developing cybersecurity threat and we are actively monitoring the situation. If you need support, staff are attending our service desk at support@cascadetech.org. We will post further information about this incident to nwresd.org and multnomahesd.org as it becomes available.
|
|
|
|
