Log4j Vulnerability - Am I At Risk?

Earlier this month, popular cloud services such as Steam and iCloud, as well as apps like Amazon and Twitter were reportedly vulnerable to attack by logging utility Log4j. As reported by Ars Technica, Minecraft was the first to discover the Log4j vulnerability. Their services warned of an actively circulating attack code that exploited the vulnerability to execute malicious code on servers and devices running the bestselling game. The internet community realized soon after, though, that Minecraft wasn’t the only well-known service affected by Log4j. Used by some of the biggest names in tech – Apple, Cisco, Google, Microsoft – to name a few, it poses possible risks to the world’s most popular applications and services. Thus, Log4j essentially affects every part of the internet. 

What is Log4j?

Also known as Log4Shell, Log4j is one of the most widely-used logging libraries online. What is a logging library? A logging library is a code that can be installed within an application to create and manage log events. With Log4j, software developers are able to build a record of activity that can be used for a variety of purposes. This can include troubleshooting, auditing, or even tracking. Because many companies run the software, it could be present in popular apps and websites. In short, hundreds of millions of devices worldwide that access these services could be open to the Log4j vulnerability.

How are hackers exploiting the Log4j security flaw?

According to researchers from Cisco and Cloudflare, hackers have been exploiting the Log4j bug since the beginning of the month. However, attacks increased dramatically after the disclosure of the vulnerability. The range of impacts is unfortunately broad due to the nature of the Log4j vulnerability itself. To exploit Log4Shell, a hacker just needs a device or system to log a malicious string of code. From there, they can load the code on the targeted device and install malware or launch other attacks. Exploitative actions include installing cryptominers on at-risk devices, and stealing system passwords and data.

What are companies doing to address the issue?

There is a large amount of pressure on companies to act. Minecraft quickly issued a fix and rolled out patches to address the Log4j vulnerability. Others, like Amazon, Cloudflare, IBM, and Oracle issued warnings to customers, either pushing security updates or planning for future patches. The Log4j flaw is such a severe bug, that it’s not easily patchable like a traditional major vulnerability. That said, the exact scope of the exposure is still coming to light. Most organizations don’t have a clear list of every program they use, and it could be difficult to account for all the layers of software a company uses. Experts are most concerned about smaller organizations that don’t have large security budgets, lacking the staff or tools to prevent their systems from such cyberattacks. Overall, people should take measures to update their devices and applications when companies push patches in the coming days and weeks.

What can you do to protect yourself from the Log4shell vulnerability?

As previously stated, keeping devices and programs up-to-date at minimum will decrease the risk of exploitation by the Log4j vulnerability. However, there is a concern that a growing number of hackers will make use of the vulnerability in new ways.

Here at Orange County Computer we can help protect you from vulnerabilities like Log4j. With our Managed Services offering, we can help your company become more secure. This would provide you with full IT support, including: Cloud Services, Network Administration and Management, Data Center Solutions, Firewall and Security Solutions, Disaster Prevention Solutions, and much more!

If you are interested, please don’t hesitate to contact Orange County Computer at 949-699-6619 or via email.