This weekend, you may have seen a whole lot of tech chatter about log4j, vulnerabilities, exploits and chaos spanning the world wide web. A vulnerability was unearthed in a piece of Java code in use across software applications all over the world, and malicious actors have been quick to take advantage of it.
What is log4j?
Log4j is a logging framework API written in Java and distributed under the Apache Software license. The code is used in all kinds of software applications all over the world, to log information it helps system administrators monitor whether software is running smoothly and can also help with catching bugs when things go wrong. This weekend, a vulnerability emerged in the log4j logging framework, putting any company that uses software using log4j at risk.
Who’s at Risk?
In short everyone is at risk to some degree, but this is nothing new as there are new IT security risks discovered every single day. Most small and medium business don’t run internal systems that are directly accessible from the internet, so their exposure is reduced significantly.
Businesses most at risk of attacks are those that develop software or have internet-facing services that utilise Java and more specifically this logging framework. If your business has any software that is accessible from the internet and is running Java, there’s a high likelihood you have a problem.
What needs to be done in the short term?
As this is such a wide-spread issue, affecting so many different systems, there is unfortunately no quick fix. The first thing to do is to confirm if any systems running Java can be accessed from the internet and prioritise these systems for immediate action.
If your business uses any cloud services the vendors will likely be posting updates about their action plans to protect their systems all of the major vendors e.g. Microsoft, AWS, Google etc. all have plans in place but if your systems are provided by a smaller vendor, it would be advisable to contact them to ensure they are taking action to protect your business.
How do I know if my systems are affected?
HCS would recommend an External Vulnerability Test be run against the companies’ external networks to confirm if there are any exposed systems. If this is a part of your regular IT Managed Service, this is already underway, and we will be in communication with any customers who have systems that are identified as being at risk with proposed mitigation actions.
If you currently don’t subscribe to this service, we can provide a onetime vulnerability scan of your external network to report of this and any other potential vulnerability present in your current systems. Please contact your account manager or our sales team on enquiries@hcs.ie to arrange a scan.
What needs to be done in the long term?
This vulnerability is nothing new and there have been many like it in the past. IT security analysts are continually finding and patching vulnerabilities in systems every day, IT security needs a focus in your business to identify the risk and mange it. There are number of solutions that work together to protect business and users from the continuously evolving threats. Just in recent days a new fix for the Log4j flaw was released as the previous patch was deemed as “incomplete in certain non-default configurations.” More info on this can be found here. This is a good example of how the cyber security landscape can change suddenly and why it needs a focused approach to keep on top of it.
Check out our Enterprise Cyber Security Solutions here and our Cyber Security Solutions for SMB here. And click on Book a Consultation to talk to one of our security team about your current IT Security concerns.