Give us a call
Home|Tech Hub|Cyber Security|Protecting your business from Log4J- 6 essentials you must know

Protecting your business from Log4J- 6 essentials you must know

Share on socials

Cyber Security

You may be aware that there is a major security alert that is currently impacting the internet. Some Security Experts believe it to be one of the most serious vulnerabilities that we have witnessed to date and it is incredibly important that you are protecting your business.

However, strangely it isn’t being spoke about in the everyday business environment. That’s because rather than affecting the normal computers that you use daily it’s actually affecting the applications and websites you use.

Here, we are going to chat through the ins and outs of what’s going on and what it means for you in the least techy way.     

It all started when a concern was noticed in the popular game Minecraft, however soon it was realised that it was a much larger issue affecting millions, in a variety of web applications, including Apple’s iCloud.

The issue is a security error in a piece of software called Log4j.  The aim of this software is to keep a record of all that has happened within applications for developers to be able to track down problems and fix them.

Log4j is an open source software. This means it’s developed free for anyone to use by coders in their spare time. Therefore, to save the hassle of writing their own logging software, millions of developers use it as a very efficient way to create new applications.

However, it now means the security flaw- which is called Log4Shell- is now impacting millions of pieces of software, running on millions of different machines.

Whilst, you may not be noticing the effects in your business, it is affecting many of the services that you use.

The security flaw means hackers are able to run any code they like on affected servers, which means they are easily able to steal data, delete information or run other types of software.

A patch was developed swiftly to fix the problem, however the larger issue is updating all the software that’s been using Log4j. Due to the fact it is so widely used, it’s likely to take several months for the patch to be applied. There also may be cases where some web applications, for several reasons just may not be updated.

It is because of this that we may see knock on effects impacting your business. The rate of website hacks is likely to increase over the next few months. Some ecommerce sites that weren’t quick enough to get the patch out may find that hackers have already stolen their customers details- hence the risk of identity theft will also increase. Also, other websites you go to may secretly download malicious software onto your computer.

A piece of advice we would highly recommend and have been suggesting to all our clients is that you take the time to obtain statements from all your application vendors on whether an update is needed.

As always, it is also vital that you follow these basic security measures to keep you safe online:

  1. Always use a randomly generated password
  2. Never reuse a password on different services
  3. Always use Multi Factor Authentication to logon to any application
  4. Use a Password Manager to remember passwords for you
  5. Keep a closer watch on your card statements for the foreseeable
  6. Keep all your updates and patches on all your business computers current and up to date.

If you need any further support or guidance around this security issue, or if we can be any help please don’t hesitate to contact Corbel.

For further information on our Cyber Security Services click here

Leave Corbel a Google Review
Remote support