LOG4J Exploit – Just In Time For The Holidays

Many business owners have heard about the new security threat in LOG4J – have you? With the end of the year coming quickly, many malicious attackers are working overtime to exploit this new security vulnerability. This time of the year is commonly busy for attackers, as they try to take advantage of the end-of-year business push that most businesses experience. With people leaving for vacations or trying to get end-of-year transactions completed, your business could be a target.

As a managed service provider, we at FusionTek are dedicated to keeping our clients protected from security threats. Here is everything you need to know about the LOG4J vulnerability:

What is LOG4J?

LOG4J is a software library. Think of a library as programs that are used by other programs. You don’t install/buy “Times New Roman Fonts” on your computer, but Word, Excel, and countless other programs include the font “library” as part of their installation. LOG4J is a logging library that is used by Java applications and is commonly found on public-facing Apache web servers.

The LOG4J vulnerability is NOT a virus; it is an exploit. Think of a virus like someone breaking into your office by busting through the door, while an exploit can best be described as someone entering through an unlocked window to gain access to your business. In this case, LOG4J is that unlocked window which bad actors could enter if they wanted to – and they know it exists.

While unauthorized access to the office is concerning, it is not damaging unless used to do something malicious. The concern most business owners now have is – are they trying to exploit that vulnerability at our office?

How Does This Exploit Affect My Business?

The LOG4J exploit affects mid-sized businesses differently than enterprise companies. Large enterprises such as Amazon, Microsoft, and Apple are most likely running applications that are/were susceptible to an attack. They are busy patching their servers to prevent intrusion. For our analogy’s sake, they are replacing the doors and windows in the office so that people cannot gain access.

Mid-sized businesses face a different problem. Most businesses don’t know which websites their teams use that may be vulnerable. Nor do they have insight into these websites’ patch statuses. This means that you are most affected because there is yet another method for the bad guys to compromise your network.

What Can You Do About It?

The best defense against this and other cyber threats is to have a comprehensive cyber security plan. You should already have a multi-tiered plan in place to detect, isolate, and remediate attempts to exploit the LOG4J vulnerability. A typical plan would include:

  • Training: Employees should be trained regularly, to keep users alert to unusual activity and email links.
  • Firewall: A properly configured firewall will help prevent a virus from coming into your network and minimize its ability to activate and spread.
  • Anti-Virus: A commercial grade anti-virus application, with updated definitions, will help your team identify and isolate malicious software.
  • Anti-Malware: Anti-malware programs help teams identify code that appears suspicious and can point your IT team to malicious activity.
  • Zero-Trust Security Policy: Zero-Trust software will only allow authorized software to run on your network.
  • Rights Management: This is a practice in which you segment your team’s access to certain areas based on their job title and role. For example: Sales teams do not need access to the accounting software used for transactions. This helps prevent viruses from spreading to critical areas depending on who the attack originated with.
  • Data Backups: Both on-site and off-site data backups are essential to combatting an attack. Make sure that your backups are being executed and checked daily.
  • Cyber Insurance: Most businesses are not properly protected from a cyber attack in terms of insurance coverage. Check with your insurance agent to ensure that you are properly protected in the unfortunate event that you experience an attack. If you need more information about this, feel free to reach out to our team.