Datto Launches Tool for MSPs to Combat Log4j Vulnerability

Global cloud-based software and security solutions provider Datto, a company exclusively focused on delivery through managed service providers (MSPs), is urging all MSPs to download a free script for any Remote Monitoring and Management (RMM) solution that it has created and made accessible on GitHub. This Endpoint Assessment Tool can enumerate potentially susceptible systems, identify intrusion attempts, and protect Windows systems against Apache Log4j attacks.

Just over a week ago, a severe zero-day vulnerability in the Apache Log4j logging framework was revealed. The problem has been assigned the highest severity grade, allowing bad actors to remotely attack susceptible computers, and governments all around the world have issued advisories.

Listen to this story

Datto certified their products safe to use throughout the critical 24-48 hour timeframe following the vulnerability’s disclosure. To help MSPs understand the Log4j danger and how it was being exploited, Datto began providing active threat information with the MSP community regarding assaults it witnessed right away.

Photo Ryan Weeks, CISO at Datto
“The Log4j response is going to require diligence for weeks to come as more vulnerabilities are released, as nuances in the mitigations are understood, and as exploits evolve,” said Ryan Weeks, CISO at Datto.

To help Datto partners and all MSPs discover and respond to possible exploitations, Datto packed excellent contributions from the security community into an MSP-friendly manner and published two separate versions of an Endpoint Assessment Tool. The component designed for Datto Remote Monitoring and Management (RMM) has been adopted by over half of all Datto RMM partners, resulting in millions of endpoint scans for vulnerabilities by MSPs at client-sites that are small and medium companies.

“The adoption rate of the Datto RMM component tool has been tremendous, with half our Datto RMM partner base utilizing it to scan protected endpoints. I’m hearing from partners that they finally feel empowered to respond to this emerging threat with this tool,” said Ryan Weeks, Chief Information Security Officer (CISO) at Datto. “From a community defense perspective, we want to make effective response tools broadly available to help every MSP in the channel to become more secure and to withstand cyberattacks. It is a chief priority at this time to encourage all MSPs to take advantage of the tools we’ve made available in Datto RMM and on GitHub to protect themselves and their clients. RMMs offer a key systems inventory and response capability that makes it easy to view, manage, and secure your endpoints during critical events.”

Protecting Windows Systems

Datto’s tool aimed at MSPs would allow users to check the contents of server logs for intrusion attempts and to protect Windows systems against Log4j assaults.

“During this critical time, I am pleased to see there has been some great information sharing and that we are really coming together as a community,” added Mr. Weeks. “However, the Log4j response is going to require diligence for weeks to come as more vulnerabilities are released, as nuances in the mitigations are understood, and as exploits evolve.”

Datto’s CISO provides the following advice for MSPs:

  • Update all Java applications which use Log4j
  • Java classes cannot be downloaded from remote places if outbound network access from affected computers is restricted
  • Inquire with your vendors about their stance on Log4j and how they evaluate their own suppliers (known as fourth-party risk)

MSPs may benefit from Datto’s Unified Continuity, Networking, and Business Management solutions, which can help them increase cyber resilience, efficiency, and growth. Datto’s solutions, which are delivered via an integrated platform, assist its worldwide ecosystem of MSP partners in serving over one million organizations across the world. Datto has global offices located in Australia, Canada, China, Germany, the Netherlands, Denmark, Israel, Singapore, and the UK.

Inxy Hosting CDN Marketplace