TnT | Log4j
Tech for Non-Tech
The cyber world is up in arms about log4j, and for good reason. It touches almost everything on the internet and is a major system vulnerability that is ripe for exploit by attackers. Let’s break it down in a simplified way so that those of us from non-tech backgrounds can get a better grasp of why it’s a big deal.
What it is: It’s an open-source (you can find it publicly) and totally free logging library used by software developers in all industries globally
What does it do: It logs the actions of a system or program so you can go back and do things such as troubleshooting or tracking data. Even if a system doesn’t use log4j directly, more likely than not, one of its other logging libraries is dependent on it. It’s like when you write a paper in school and cite a resource…that resource you’re using used someone else as their resource. Log4j is the resource’s resource so a part of it still lives on in the system.
Why it’s scary: Because log4j touches practically everything on the internet, attackers can reach out and try to exploit it on practically everything on the internet. It’s obviously not as simple as that sounds, but from a high level view, it’s something that is obviously concerning for security professionals. Attackers can use this log4j vulnerability to hack into servers from which they can do a whole lot of damage, i.e., exfiltrating or encrypting data, pivoting and conducting lateral movement to other systems, creating backdoors to maintain persistent presence or future access.
Impact: This isn’t just a concern for big businesses and organizations. Attackers can use bots to crawl all over the web to find entities that are still vulnerable because of log4j and target them. You could just be one fish caught in a big net cast over the web. You risk:
- Disruption in business operations
- Loss in business credibility
- Financial loss from thousands to millions of dollars depending on the size of your organization and the type of attack
What you can do today:
- Update and patch all your systems. Most all companies with software, hardware, any platform or system of any kind has started to address this problem. Go to your system settings and update everything.
- Invest in cybersecurity solutions. That best way to prevent loss is to be proactive in your defense. Take steps TODAY to prevent harm tomorrow. The right cybersecurity solution can save you time and money in the long run, and is an investment into the futures of both you, your team members, and your company.
Step one in a cyber attacker’s killchain is always reconnaissance — finding who they can exploit, and how. Talk to us today about Polaris’ Web Application & API Security platform to see how you can be proactive in defending your online presence, your website, from attacker exploitation as that is one of the primary channels for reconnaissance.
Author: Tin T. Nguyen, CEO, Polaris Infosec