You may have recently heard a lot of news reports about the Log4j vulnerability. It’s important to understand exactly what it is and what you need to be doing right now to protect your business. Let’s start with what Log4j is and how it’s used today.
Apache Log4j is one of the most popular logging utilities used across the Internet today. It’s a foundational framework that enables developers to track online activity for troubleshooting, auditing, and data tracking purposes. Because it’s an open source, free library, it touches almost every part of the Internet in some form or fashion. That means that even though you may not directly use Log4j, the vulnerability still can impact your business.
A flaw was recently detected in the Log4j library that allows bad actors to execute code to a remote server with the intention of stealing data or inserting malware. It is difficult to detect, and a high percentage of businesses and other entities around the world are vulnerable to it without even realizing it.
According to Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), the Log4j vulnerability is “incredibly dangerous to everybody’s business, everybody’s networks, [and] everybody’s system.” She recommends that everyone should assume they are exposed and vulnerable until they can confirm otherwise.
Although the defect was made public in early December 2021, the introduction of this “backdoor” into the open source dates back to 2013. According to CNBC, the Department of Homeland Security is investigating the origin of this serious flaw.
In the meantime, the “how” the Log4j vulnerability got introduced several years ago is not as important as the “what” we all should be doing about it today.
Depending on your business environment, you may be using software that uses the Log4j vulnerable library. You can find a comprehensive list of affected vendor and software here.
If you see a vendor or software you use on the CISA compiled list, we encourage you to follow the U.S. Cybersecurity & Infrastructure Security Agency (CISA) actions:
Addressing the Log4j vulnerability is a highly technical fix. Your business may want to work with internal or third-party technical resources potentially including your web host and/or your web developer if you host a website.
If Log4j is utilized anywhere in software, it must be updated to the most recent version. More detailed information is available at many sources including the CISA Apache Log4j Vulnerability Guidance page.
Secondly, conduct a security review to determine if there is a security concern or compromise. The log files for any services using affected Log4j versions will contain user-controlled strings.
The wide-spread impact of the Log4j vulnerability is a loud reminder that security needs to remain front and center of all businesses. A breach is costly to your bottom line and greatly damages the trust your customers have placed in you. Your financial hit may recover but rebuilding customer trust and your business reputation can take much longer. Here are seven cybersecurity best practices that all businesses should engage to enhance their protection.
Security is a big deal – particularly since cybercrime is up 600% as a result of the pandemic. If you have questions regarding your Log4j vulnerability or how to keep your business protected, I’m happy to talk to you. Please contact me at firstname.lastname@example.org.