The Log4j framework is used by software developers to record user activities and application behavior for further examination. Log4j has been downloaded millions of times and is one of the most extensively used tools for collecting data across corporate computer networks, websites, and applications. It is distributed for free by the nonprofit Apache Software Foundation.
How can the vulnerability in Log4j be used by hackers?
The Log4j flaw, which was recently discovered by Apache, allows attackers to remotely execute code on a target computer, letting them steal data, install malware, or take control of systems. Some cybercriminals have installed software that mines cryptocurrencies on a hacked system, while others have created malware that allows attackers to take control of devices and launch large-scale attacks on internet infrastructure.
Security experts are particularly concerned that the flaw could allow hackers to gain enough access to a system to install ransomware, a type of malicious software that encrypts data and systems until victims pay the attackers. These ransoms can run into the millions of dollars for major corporations. The attacks can also cause enormous disruption, such as the infection of Colonial Pipeline Co.’s systems in May, which forced the suspension of the East Coast’s main fuel pipeline for six days.
How can businesses address the Log4j issue?
Patches and technical support are available. The Apache Software Foundation has issued several updates in recent days, advising users to upgrade to the most recent version of the Log4j tool. On Friday, Oracle Corporation released its own set of fixes. Microsoft advised taking several steps to reduce the risk of exploitation, including contacting software application providers to ensure they are running the most recent version of Java, which includes updates.
Teresa Walsh, global head of intelligence at the Financial Services Information Sharing and Analysis Centre, recommends that, in the absence of updates, organisations reduce unnecessary outbound internet traffic, which would help to protect susceptible systems.