News of the Log4J vulnerability has thrown businesses’ cybersecurity operations into disarray during an already stressful time of year. A severe and urgent risk, Log4J leaves companies susceptible to serious attacks in the form of data breaches, server takeovers, and much more. Here is everything you need to know about the widespread security flaw, and the steps you can take to protect your business
What is Log4J and Why Should You be Concerned?
You may not have heard of it before this week, but there is a good chance your business uses Log4J across a myriad of online operations. A Java library for logging error messages, Log4J is present in a host of software applications.
A major security flaw was discovered in the software in recent weeks, and cyber attackers have been quick to exploit the vulnerability. It is estimated that hundreds of thousands of attacks targeted the weakness within 72 hours of it being publicly disclosed. Now, national security agencies are issuing urgent warnings for companies to take action.
“To be clear, this vulnerability poses a severe risk,” said Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency. She added that the flaw is being “widely exploited by a growing set of threat actors, [and] presents an urgent challenge to network defenders given its broad use.”
Who is Affected by the Log4J Vulnerability?
Microsoft was the first known victim of an attack exploiting the security flaw, with Minecraft’s game servers being taken over before the problem was patched. A multitude of other big-name companies are known to use Log4J, and are now scrambling to respond to the new threat – but it isn’t just the tech giants who should be concerned.
Perhaps the most worrying aspect of the Log4J vulnerability is its ubiquity. The free-to-use, open source logging library is widely used across enterprise software, custom-built business applications, and cloud computing services. Yet, despite its popularity, it is maintained by a relatively small group of volunteers. This team has since created a patch, but it’s up to individual businesses to deploy the update.
Essentially, Log4J is a concern for every business right now, big or small. With the traditionally high risk holiday period just around the corner, companies were already facing an increased risk of attacks in the coming weeks. Now, that threat has been amplified, and isn’t expected to dissipate any time soon.
What Software is Vulnerable to Log4J?
Because of its widely-used nature, no single, comprehensive list of software that uses Log4J exists. Just a few of the affected vendors that your organization may use include AWS, Cisco, Dell, IBM, and McAfee. New patches are being deployed all the time, so make sure you’re running on the most up-to-date versions of all of your platforms.
Various security agencies have been working to compile lists of other software that have been affected, along with status updates on their protection levels. However, as noted on the page linked, the Log4J vulnerability may also occur in custom software developed within your organization, which won’t be included in this list.
How Can Businesses Protect Themselves from Log4J?
When it comes to vendor software, it’s best to follow individual providers’ guidance on how to deploy any updates and ensure your operations are secure. However, for more general protection, the Cybersecurity & Infrastructure Security Agency recommends the following steps:
1. Enumerate Devices
Enumerate any external facing devices that have Log4J installed.
2. Action Alerts
Make sure that your security operations center is actioning every single alert on the devices that fall into the category above.
3. Install a WAF
Install a web application firewall (WAF) with rules that automatically update so that your SOC is able to concentrate on fewer alerts.
Concerned About the Impacts of Log4J on Your Business?
The Log4J vulnerability is likely to have widespread and long-lasting implications for your business’s cybersecurity. If you’re already an Electric customer, reach out to us at any time if you have questions about the software you use, or if you need support.
To learn more about how Electric can help protect your business from the Log4J vulnerability and other cybersecurity threats, contact us today.