He must not get out much. That's IT circa 2022.
Y2K was more hype than real, Log4Shell was a security vulnerability in many platforms. If Y2K had gone unfixed stuff a few things would have quit working (including a few critical things to be sure). If Log4Shell had gone unchecked then so many, many things would be held hostage by ransomware and unable to bring back to line with a few code fixes (like the few things overlooked in Y2K).
Y2K did have some real problems. But fixing them was more than just running some upgrade patches (like Log4Shell). Fixing them usually required changing older program code in many, many places (my early programming days). It required lots of tedious searches in program code, often with no documentation, for anything to do with dates. Especially if dates were converted to or from strings (either to or from the user interface or to or from data files).
But, hey! It wasn't bad money for someone who'd just finished a BS in computer science, a field that Y2K along with Algore's internet created tons of demand. LOL
Log4j intrusions - “The majority of these were cryptominers.”
That’s very interesting. In the past, intrusions were looking for machines to use for spambots, opportunities for denial of service, ransomware, storing darknet data, , identify theft, and IP theft. Now they want to use your machine cycles for crypto mining.