What is Log4j: Log4j an open source software, a logging library for Java, is widely used by businesses and web portals. Earlier this month, this open source software was in the news for its vulnerabilities.
According to the Indian Computer Emergency Response Team (CERT), multiple vulnerabilities have been reported in Apache Log4j, which could be exploited by a remote attacker to execute arbitrary code or perform denial of service attack on the targeted servers. Log4j is a Java-based logging library included in Apache open source project.
Cybersecurity for ‘new India’
The issue: Being used by many businesses and websites around the globe as a Java language, this software is publicly accessible and used to collect and store records of activity on a server. In this case, the vulnerability discovered allows malicious attackers to execute code remotely on any targeted computer. In simple terms, hackers can easily steal data or take control over the system. This vulnerability has the potential to expose organisations to new waves of cybersecurity risks, where the attackers can exploit using Remote Code Execution (RCE).
According to a report in The Hindu (https://www.thehindu.com/sci-tech/technology/internet/the-log4j-vulnerability/article38053462.ece), the vulnerability presents a large attack surface particularly due to the ubiquitous use of the Log4j library in Java software. Many proprietary applications developed and used by large companies rely on the Log4j library for logging purposes and are similarly vulnerable, the report added.
More than one-third of cybersecurity technologies used by companies in India outdated: Report
How the vulnerability can affect computers: This vulnerability is a challenge that will be faced by many companies and organisations that run software applications and websites, because Java is so widespread.
Companies coming up with solutions: Crowdstrike, an American cybersecurity technology company, has launched a free targeted Log4j search tool that performs a targeted search by scanning a given set of directories, and then runs a deeper scan on those file types matching against a known set of checksums for Log4j libraries, it said in a blog.
Global cybersecurity company Kaspersky details in its blog the measures to be taken to safeguard against this vulnerability. One should follow the Apache guidelines in their website and install the most recent version of the library (i.e.2.15.0). Businesses should use a security solution that provides exploit prevention, vulnerability and patch management components. In addition, the company also recommended installing security solutions on the servers, this will allow one to detect the launch of malicious code and stop the attack’s development.