The Log4j Vulnerability, Explained

December 13, 2021

Integris is actively tracking a new, evolving vulnerability affecting a Java logging package, Log4j, which is used in a significant number of applications and services. Learn what it is and why it’s important below.

 

What is Log4j?

Log4j is an open-source Java logging package. Almost every piece of software keeps records of errors and events, known as logs. Many developers use the open-source (freely available) Log4j for logging; applications and services such as Apple, Twitter, Steam, Tesla, and Apache use it.

 

What is the Log4j vulnerability?

Attackers can trick Log4j into running malicious code by making it store a log entry that includes a special, dangerous string of code. From there, the attacker could potentially have full access to the system and do things like steal sensitive data.

The Log4j vulnerability is serious because it’s a commonly used piece of freely available software. This means any exploit found makes many applications, services, and businesses vulnerable.

 

Burnout & holidays = potential for major trouble

This is a zero-day vulnerability, meaning it was only recently discovered even though affected systems had been vulnerable for a longer period. That means bad actors tried to take immediate advantage of the situation.

They were aided by the fact that this was announced during the holiday season, when workers may be on vacation or focusing on upcoming parties and presents. And, as with some previous vulnerabilities, activity spiked over the weekend for the same reason on a smaller scale. Burnout, caused in part by a deluge of cybersecurity incidents like these, has been a major issue in the past year.

All of this adds up to a troubling cybersecurity situation.

 

What did Integris do?

Integris was alerted quickly as the threat became known. We sent out an alert to clients about this vulnerability. We are working in coordination with vendor partners to deploy updates as they become available.

 

What did your provider do?

Which leads to the question: what did your IT provider do? Did they alert you to the situation and let you know what steps they were taking? Or are you learning about it now?

We think it’s important to keep our clients in the loop, even if the information is not actionable on their end. We want our clients to know that we know and that we’re on it.

Interested in learning more? Reach out to Integris today.
