Last month, a Biden Administration official in the cyber security division warned business executives and leaders from major US industries to be aware of a new and potentially serious vulnerability - the Log4J vulnerability. On a call with major technology firms, healthcare executives, and financial leaders, the Administration revealed the software vulnerability that could impact hundreds of millions of devices around the world! They warned that without action to clean up software code, sophisticated and malicious hackers could exploit this liability.
What is Log4J?
According to ZDnet, Log4J is a Java library for logging error messages in applications. The flaw in it is the most high-profile security vulnerability on the internet right now and comes with a severity score of 10 out of 10. Not familiar with Log4J? Don’t worry, we’ll catch you up. Apache Log4j is a Java-based logging utility originally written by Ceki Gülcü. It is part of the Apache Logging Services.
Basically any device that's exposed to the internet is at risk if it's running Apache Log4J, versions 2.0 to 2.14.1. NCSC notes that Log4j version 2 (Log4j2), the affected version, is included in Apache Struts2, Solr, Druid, Flink, and Swift frameworks. (Source: ZDnet)
The Apache Software Foundation, which manages the Log4j software, has released a security fix for organizations to apply. Some of the world’s largest tech firms use this Java-based software to log information in their applications, including IBM, Microsoft, Cisco, Google Cloud, and Amazon Web Services, which have since addressed the issue within their code.
What You Need to Know
Let’s do a quick rundown of the information you need to know.
Bots have been exploiting this flaw in software code since approximately December 1, 2021.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages updating internet-facing devices running Log4j to version 2.15.0, or applying the mitigations provided by vendors, "immediately." It also recommends setting up alerts for probes or attacks on devices running Log4j.
Attackers could potentially develop a worm that exploits the flaw and spreads automatically from one vulnerable device to the next. (Remember the WannaCry worm?)
Additionally, CISA has set up a public website with information on what software products were affected by the vulnerability, and the techniques that hackers were using to exploit it. We encourage all of our readers to check out that link to determine the level of the flaw for their software and steps that will need to be taken in the future to protect their systems, networks, and data.
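To act on the version guidance above, here is an added example (not code from this article, CISA, or Apache) that inventories `log4j-core` jars under a directory, including ones nested inside `.jar`/`.war`/`.ear` archives, and flags those in the 2.0 to 2.14.1 range the article cites. It assumes jars keep their standard `log4j-core-<version>.jar` file name, so renamed or repackaged copies will not be found; the sample tree in `demo()` is constructed.

```python
import re
import tempfile
import zipfile
from pathlib import Path

# Range stated in the article: 2.0 through 2.14.1 is affected; 2.15.0 is the update target.
AFFECTED_MIN, AFFECTED_MAX = (2, 0, 0), (2, 14, 1)
JAR_NAME = re.compile(r"log4j-core-(\d+)\.(\d+)(?:\.(\d+))?[^/]*\.jar$")

def parse_version(name):
    """Return (major, minor, patch) from a log4j-core jar name, or None."""
    m = JAR_NAME.search(name)
    return tuple(int(g or 0) for g in m.groups()) if m else None

def is_affected(version):
    return AFFECTED_MIN <= version <= AFFECTED_MAX

def scan(root):
    """Yield (location, version, affected) for log4j-core jars on disk or nested in archives."""
    for path in sorted(Path(root).rglob("*")):
        if path.suffix.lower() not in {".jar", ".war", ".ear"} or not path.is_file():
            continue
        version = parse_version(path.name)
        if version:
            yield str(path.relative_to(root)), version, is_affected(version)
        try:
            with zipfile.ZipFile(path) as archive:
                for entry in archive.namelist():
                    nested = parse_version(entry)
                    if nested:
                        yield f"{path.relative_to(root)}!{entry}", nested, is_affected(nested)
        except zipfile.BadZipFile:
            continue  # unreadable archive: skip rather than abort the inventory

def demo():
    """Build a constructed sample tree and return the scan results."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "lib").mkdir()
        for name in ("log4j-core-2.14.1.jar", "log4j-core-2.15.0.jar"):
            zipfile.ZipFile(root / "lib" / name, "w").close()
        with zipfile.ZipFile(root / "app.war", "w") as war:
            war.writestr("WEB-INF/lib/log4j-core-2.11.2.jar", b"")
        return list(scan(root))

if __name__ == "__main__":
    for location, version, affected in demo():
        print(("AFFECTED" if affected else "ok      "), ".".join(map(str, version)), location)
```

Point `scan()` at an application or server install directory; anything it reports as affected is a candidate for the 2.15.0 update or the vendor mitigation.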