Millions of organisations use Log4j over the world. Businesses small and large, governments, banks and even your blog may have it running in the background. It’s used to log information on the backend of apps and services across the internet.
The specific veulnerability is callled Log4shell and although fixes have been issued – it’s important that companies take a proactive approach in identifying and implementing the fix – particularly when you may not even be aware you’re using Log4j.
What is Log4j?
Modern software can often be complex. It’s extremely common for code that’s written years, or even decades, ago to be recycled into new projects and libraries. Neither is there usual a single creator and instead a team of developers are usually involved in creating modern solutions. It’s arguably pretty rare for all of the code in modern solutions to have been written from scratch.
Log4j is one of the many building blocks that are used in the creation of modern software. It is used by many organisations to do a common but vital job. We call this a ‘software library’.
Log4j is used by developers to keep track of what happens in their software applications or online services. It’s basically a huge journal of the activity of a system or application. This activity is called ‘logging’ and it’s used by developers to keep an eye out for problems for users.
Who is affected by this?
Almost all software will have some form of ability to log (for development, operational and security purposes), and Log4j is a very common component used for this.
For individuals, Log4j is almost certainly part of the devices and services you use online every day. The best thing you can do to protect yourself is make sure your devices and apps are as up to date as possible and continue to update them regularly, particularly over the next few weeks.
For organisations, it may not be immediately clear that your web servers, web applications, network devices and other software and hardware use Log4j.
What can you do?
- Check your systems for the use of Log4j
- Check the list of vulnerable software
- Contact software vendors
- Set Web Application Firewall rules
- Check for scanning activity
- Check for exploitation
IP Four Digital are experts in cyber and information security. We’re a trusted supplier with the Manchester Cyber Resilience Centre, a certifying body for IASME as well as offering many security services.
If you’re concerned about Log4j or would like further advice then feel free to give us a call on 020 4525 3748 or contact us here.
IP Four Digital are an IT and digital support organisation based in Lancashire.