Blog

Get expert advice on every topic you need as a small business owner, from the ideation stage to your eventual exit. Our articles, quick tips, infographics and how-to guides can offer entrepreneurs the most up-to-date information they need to flourish.

Subscribe to our blog

Why your organization needs to be vigilant against Log4j vulnerability, according to cybersecurity experts

Posted by Celene Robert

January 13, 2022

Check Point Research identified a whopping 50% uptick in weekly cybersecurity attacks on business networks in the fourth quarter of 2021 versus 2020, a figure the cybersecurity firm said was exacerbated by the Log4j vulnerability discovered in December.

Log4j is a popular open-source Java logging library developed by the Apache Software Foundation. It is used by developers to record what happens in their software applications or online services. A software vulnerability in Log4j, disclosed in December and also known as Log4Shell, has gained broad attention for posing a severe risk to millions of applications and devices across the globe. 

Microsoft reports that Log4Shell can be used to break into systems, steal passwords and logins, extract data and infect networks with malicious software. Enterprise software developer Red Hat assigned Log4Shell a 9.8 severity score out of possible 10 on the Common Vulnerability Scoring System, while the National Institute of Standards and Technology rated Log4Shell its highest severity score, 10.

Who is affected?



Security experts warn that attackers are making hundreds of thousands of attempts to find vulnerable devices. Any device with internet access is at risk if it's running open-source logging Log4j library, version 2.0 to 2.14.1. 

Although the Log4j library is used worldwide in millions of software applications and online services, it makes systems vulnerable by allowing attackers to execute code remotely on a target computer to spread malware, steal data and take control. 

Minecraft servers were the first to face Log4j exploitation via a malicious string entered through its chat box. Malignant text entered in the username box on web applications, like Apple iCloud, can also lead to compromise. Although fixes have been issued, organizations still need time to identify exploited areas or potential threats and implement the measures.

Warnings issued by major players 



Several national cybersecurity agencies, including the Cybersecurity and Infrastructure Security Agency and the UK's National Cyber Security Centre, have issued warnings to take immediate measures against the Log4j vulnerability. 

"We will only minimize potential impacts through collaborative efforts between government and the private sector,” said CISA Director Jen Easterly. “We urge all organizations to join us in this essential effort and take action.”

Measures undertaken by major tech firms to detect, mitigate Log4J vulnerability:

1. NCC Group offers paid tools for businesses to test Log4j vulnerability.

2. Microsoft released guidance on preventing and detecting Log4j exploitation.

3. IBM issued guidance for its customers.

4. Oracle issued a patch to avoid Log4j exploitation. 

5. Amazon web services announced it is working on patching services.

6. Cisco released rules to detect exploitation and patches for its affected products.

How to safeguard against avoid Log4j exploitation



Any organization affected by the Log4Shell flaw should upgrade Log4j to version 2.16.0, which Apache released on Dec. 13. 

Author

Celene Robert
Celene Robert

Celene heads up the marketing at Escalon. Passionate about helping companies grow their business, she spends her days finding new ways to bring essential business services to startups, SMBs, and growth-minded companies. Based in the PNW, she’s the proud owner of 8 pairs of Birkenstocks and a sassy, cuddly cat.

We provide you with essential business services so you can focus on growth.