THE LOG4J VULNERABILITY SHOWS WHY ASSET MANAGEMENT IS VITAL TO CYBERSECURITY


In November 2021, security researchers noted a zero-day exploit affecting the Java version of the Minecraft video game. Hackers could execute malicious code by manipulating Minecraft log files — simply by typing things in a chat box. When it became apparent that the vulnerability was in a utility called log4j, the cybersecurity community became alarmed. Log4j is open source code that handles logging functions in countless Java-based applications. Developers use utilities like log4j so they don’t have to write code to handle log files. The log4j utility is maintained as part of the Apache Logging Services Project and available at no charge to the public.

Because log4j is designed to log a wide range of events, from system errors to messages sent and received by users, hackers figured out that they could trick it into saving specific character strings. This makes systems vulnerable to remote code execution, in which an attacker installs malware to compromise the machine. Since the initial flaw was found, several more have been reported, and security researchers have seen attackers searching the internet for vulnerable machines.

If you are worried about the log4j vulnerability or other IT security issues, our team at DeSeMa can help! Our experts have years of experience, and we can provide you with advice and guidance on how to keep your data secured. Continue reading to learn more about the log4j vulnerability, and reach out to our team to get started with your own security measures.


EXTREMELY DANGEROUS THREAT

It is unknown how many systems are vulnerable to the flaw, which has been dubbed Log4Shell. Google’s Open Source Insights Team found that about 8% of the approximately 440,000 Java packages stored in the Maven Central Repository — a storage area for resources generated by open source projects — were vulnerable. Generally, a security flaw affecting 2% of Java packages is considered serious.

Log4Shell is a grave threat that could impact millions of applications. What’s more, the Google team found that 80% of affected Java packages use log4j indirectly by calling other libraries, making it more difficult to address the bug.

In a recent article on The Verge, Cloudflare CTO John Graham-Cumming said, “There’s a tremendous amount of Java software connected to the Internet and in back-end systems. When I look back over the last 10 years, there are only two other exploits I can think of with a similar severity: Heartbleed, which allowed you to get information from servers that should have been secure, and Shellshock, which allowed you to run code on a remote machine.”


DON’T PANIC, TRACK

When Heartbleed was publicly disclosed in April 2014, it caused widespread panic because hundreds of thousands of websites were potentially vulnerable. Shellshock, which was discovered in September 2014, caused further panic. It was considered an even greater threat than Heartbleed because it allowed for multiple forms of attack.

Panic is never good in cybersecurity, but it often arises because administrators are unsure where to begin to address a threat. They don’t know how many systems and applications are affected, where those machines are located, or what the critical dependencies are. Sorting that out takes time, and time is not on your side in a zero-day attack.

That’s why IT asset management is critical to cybersecurity. An up-to-date asset management database tells you what systems are in production, what operating system versions they are running, and whether they have the latest firmware and security patches. It also allows you to track your application data flow, and what remote systems and libraries are being called.

This information can’t be in someone’s head, in some out-of-date documentation, or in 14 different spreadsheets. It needs to be in a global database that can be quickly queried to identify the affected systems.
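As an added illustration (not DeSeMa's tooling or code from the original article), the sketch below shows the kind of query such a database should answer: which hosts run an application that reaches log4j, including through another library. The table layout, host and application names, and versions are constructed sample data, and the fixed-version cut-off passed in the demo is a placeholder to be replaced with the value from the vendor advisory.

```python
import sqlite3
# Constructed inventory (sample data): which app runs on which host, and each
# dependency edge parent -> child with the child's resolved version.
DEPLOYMENTS = [("web-01", "storefront"), ("web-02", "storefront"),
               ("batch-01", "report-gen"), ("erp-01", "legacy-erp"),
               ("intra-01", "wiki")]
DEPENDS_ON = [("storefront", "search-client", "7.1.0"),
              ("search-client", "log4j-core", "2.14.0"),   # indirect use
              ("report-gen", "log4j-core", "2.99.1"),      # direct, at/after cut-off
              ("legacy-erp", "log4j-core", "2.x-custom"),  # version not parseable
              ("wiki", "markdown-lib", "1.4.2")]           # no log4j at all

# Walk the dependency graph from every deployed app; the depth cap guards cycles.
QUERY = """
WITH RECURSIVE reach(app, pkg, version, path, depth) AS (
    SELECT parent, child, child_version, parent || ' > ' || child, 1
    FROM depends_on WHERE parent IN (SELECT app FROM deployments)
  UNION ALL
    SELECT r.app, d.child, d.child_version, r.path || ' > ' || d.child, r.depth + 1
    FROM reach r JOIN depends_on d ON d.parent = r.pkg WHERE r.depth < 20
)
SELECT dep.host, r.app, r.version, r.depth, r.path
FROM reach r JOIN deployments dep ON dep.app = r.app WHERE r.pkg = ? ORDER BY dep.host
"""

def parse_version(text):
    """Comparable tuple for plain dotted numbers, else None."""
    try:
        return tuple(int(part) for part in text.split("."))
    except ValueError:
        return None

def affected_hosts(package, fixed_version):
    """Hosts whose apps reach `package` below `fixed_version` (from the advisory)."""
    db = sqlite3.connect(":memory:")
    db.executescript("CREATE TABLE deployments (host TEXT, app TEXT);"
                     "CREATE TABLE depends_on (parent TEXT, child TEXT, child_version TEXT);")
    db.executemany("INSERT INTO deployments VALUES (?, ?)", DEPLOYMENTS)
    db.executemany("INSERT INTO depends_on VALUES (?, ?, ?)", DEPENDS_ON)
    findings = []
    for host, app, version, depth, path in db.execute(QUERY, (package,)):
        parsed = parse_version(version)
        # Unparseable versions are reported for manual review, never skipped.
        if parsed is None or parsed < fixed_version:
            findings.append((host, app, version, "indirect" if depth > 1 else "direct", path))
    return findings

if __name__ == "__main__":  # (2, 99, 0) is a placeholder cut-off, not a real release
    print(*affected_hosts("log4j-core", (2, 99, 0)), sep="\n")
```

The `path` column is what makes the indirect cases actionable: it names the intermediate library that has to be upgraded or overridden, not just the host.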


HOW DESEMA CAN HELP

The only advantage you have from a security perspective is knowing the battlefield. If you give up that advantage by not tracking your environment, the hacker will beat you every time. The problem is that IT teams lack the resources for effective asset management, and developers never have time for documentation.

That’s where DeSeMa can help. We have advanced auditing tools to inventory everything in your environment, and a program for continual audit where we can track every change. You will always have an up-to-date inventory of your systems, and we’ll give you ready access to that vital information through a web-based portal.

Security analysts are saying it will take most of 2022 to patch all the systems vulnerable to Log4Shell. That will give hackers plenty of time to wreak havoc with those systems. It doesn’t have to be that way. Let DeSeMa inventory your IT assets so you’ll be in a better position to combat zero-day threats. Give us a call and start the process of securing your data with the help of our experts today!
