The vulnerability, which has been named Log4Shell, was recently discovered by LunaSec’s security researchers. It was first located within the Minecraft platform, which is operated by Microsoft, and has since been found in many other online services. The exploit was found in an open source logging utility known as Apache Log4j, an essential tool which is necessary in most Java-based apps and servers. It’s estimated that thousands of companies are likely to be at risk due to this vulnerability.
Vulnerabilities remain a major threat for every organization that employs an IT infrastructure, so we’re going to take a closer look at Log4Shell to see what lessons can be learned.
How Does the Log4Shell Vulnerability Work?
Log4Shell is known as a zero-day exploit and this means that it’s a natural vulnerability, likely due to an oversight on the original coders, which has been discovered but not yet patched. Hackers are determined individuals and are constantly focusing their efforts on analyzing software for vulnerabilities. Once a vulnerability is discovered, hackers can take advantage of it and, for example, gain unauthorized access to web servers. And, if like Apache Log4j, it’s a widely used utility, the hackers can replicate this attack against numerous organizations.
Web monitoring services have detected that around 100 hosts are actively scanning the internet to identify services which are running Apache Log4j. This scanning process is automated, so it can be left running continuously. Once platforms running Apache Log4j are identified, hackers have a relatively easy victim in their sights. All it would take is for the exploit to be taken advantage of and, very quickly, the hackers would be able to move deeper into the IT infrastructures of some major online businesses.
Protecting Yourself Against Vulnerabilities
Vulnerabilities such as Log4Shell are, unfortunately, inevitable due to the complexity of building software. Open source software, in particular, is difficult to police once it has been released and, of course, human error means nothing will ever be 100% secure. No specific damage has, as of this time of writing, been associated with the Log4Shell exploit, but the number of individuals at risk is very concerning. Thankfully, Apache have quickly developed a security patch for Log4j which will counter the vulnerability once it is installed.
The key takeaway from the Log4Shell vulnerability is that security patches are crucial. These need to be installed as soon as possible to mitigate any potential security breaches. However, there are other steps you can take minimize your risk:
- Monitor your network activity for any unusual spikes in traffic or unknown destinations making connections. These indicators could be evidence that your infrastructure has been exploited.
- Installing a strong firewall will allow you to restrict the flow of internet traffic in and out of your organization. A fully configurated firewall should quickly put the brakes on any unauthorized access to your network.
- Protect devices on your network by using powerful security tools. These will provide you with a number of options for limiting the movements of hackers through your network if they manage to gain access.
For more ways to secure and optimize your business technology, contact your local IT professionals.