LOG4J – The Recent Cybersecurity Vulnerability Threatening Organizations

Java-based software known as “Log4j” for years represented a keystone in programming, as major companies have built widely-used applications to serve their clients, including Apple, Amazon, IBM, Microsoft, Cloudflare, and Cisco, amongst others. 

A vulnerability in the open-source Apache logging Log4j is exposing some of the world's most popular services to attack, and the situation has not improved since it came to light from the cyber security experts, and it could have serious repercussions for years. 

The first wave of the victims were Minecraft players, as one of the world’s most popular video games, hackers are exploiting the vulnerability to mass attack companies, and it is being considered a ticking bomb. The cybersecurity company Check Point reported more than 100 Log4j attacks occurring per minute, with the majority of them having the intention to deploy malware like Tsunami and Mirai for botnets, but also crypto miners such as XMRig.

The head of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), Jen Easterly, called it "one of the most serious flaws" seen in her career. It is spreading like a pandemic, with over 840,000 attacks initiated within 72 hours. 

What is Log4j and why are we all vulnerable?

Log4j represents one of the most popular logging libraries. It is widely used by software developers to build a record of activity that is used during the execution of an application for a series of purposes such as troubleshooting, auditing, and data tracking. In addition, Log4j is both open-source and free, therefore, the library affects every sphere of the internet. 

Furthermore, even the developers who do not use Log4j directly might be running the vulnerable code of it because most other libraries use and depend on Log4j. In this sense, also the major companies such as Apple, IBM, Microsoft, Oracle, Cisco, Amazon, etc. run by utilizing Log4j, thus, millions of services could be exposed to the vulnerability as hackers continue to exploit it.

The repercussions are heavily dependent on what Mark Ostrowski, the Check Point’s head of engineering, stated: "Sophisticated, more senior threat actors will figure out a way to weaponize vulnerability to get the biggest gain".

In this sense, experts are especially concerned about the Log4j vulnerability because it leaves room for hackers to easily gain access to a computer server, and giving themselves permission to attack other parts of a network. On top of that, it is very difficult to detect the vulnerability and scan to see if the system or network has already been compromised. 

What can you do to protect against LOG4J?

Considering that this is a severe bug, it requires time and effort to protect your organization and your data. The main pressure is on organizations, as the potential for damage is incalculable.  

For now, the best thing that you can do is ensure you are not putting your data at risk and update your devices, software, and apps as per your organization’s guidelines and policies.

You can start with training in cybersecurity that nowadays has become essential to operating in any area of business. PECB offers Cybersecurity Management Training Courses designed to help you protect and maintain the long-term sustainability of any organization’s process. Certified individuals are able to develop policy frameworks in identifying processes that are most vulnerable to cyberattacks and ensuring that the organization will not be at risk.  

About the Author

Albana Iseni is a Senior Product Marketing Manager for ISR at PECB. She is in charge of conducting market research while developing and providing information related to ISO standards. If you have any questions, please do not hesitate to contact her: marketing.ism@pecb.com.