I’ve determined the last name of the cyber criminals. It’s Scrooge. Or maybe it’s Grinch.
Either way, cyber criminals obviously hate Christmas. Once again, right before the holidays, we were alerted to the latest, and possibly biggest, vulnerability. It’s Log4j.
The vulnerability was discovered on November 24 but was not disclosed publicly until December 9, just in time for all the cyber security and IT teams to cancel their holiday parties and scramble to respond to it.
So what exactly is Log4j? It’s a logging tool that is used in a LOT of software. A LOT. Software that is used by everybody. It is software that is used on Windows, Linux, Apple and iOS devices. It is used by corporations, the public and private sectors, government entities, and individuals. EVERYBODY.
What makes it dangerous? The vulnerability would allow a hacker to access a computer system and then do whatever they want: install malware, steal data (including passwords) or just lie in wait for an opportune moment to attack.
Log4j has been updated to remove the vulnerability. However, as with most updates, it is up to the administrator of your network to install these updates. The time between the announcement of the vulnerability and the installation of the update is a race to see if the window can be closed before the cyber criminal climbs in and hides.
So just like with the Microsoft Exchange hack last year, fixing the problem is only the first step. The next step is to do forensics to determine if the hacker did in fact climb in through the window and is now hiding in a closet waiting to rob you blind…or worse.
Once you run the forensics, you must clean the system and make sure it’s locked down tight. Most importantly, implement a procedure by which updates are installed regularly, and have a cyber security team install continuous digital monitoring to make sure you stay safe.