Blog

Dresner Group Blog

Our technology blogs feature IT tips and best practices for businesses in Columbia, Baltimore, and Bel Air.

WARNING: Widespread Log4j Vulnerability is a Massive Danger to Businesses

WARNING: Widespread Log4j Vulnerability is a Massive Danger to Businesses

Before this week, you probably never heard about Log4j. Right now, though, it’s the biggest topic in cybersecurity due to a massive vulnerability that is estimated to affect millions of devices. Your business needs to take this seriously.

What is Log4j?

Without getting too deep into the roots, when developers create software and applications, they rely on different programming languages. For instance, Java has been a common programming language since the early 90s. Java contains libraries that developers can utilize, and one of these libraries, known as Log4j, was recently discovered to have a major vulnerability in it. This vulnerability has been around for years, but now that it is out in the open, cybercriminals are likely to take advantage of it to steal data and infiltrate networks.

The scope of this is huge. The vulnerability impacts some common names in the technology world, such as:

  • Amazon
  • Apple
  • Cisco
  • Fortinet
  • Google
  • IBM
  • Microsoft
  • SonicWall
  • Sophos
  • VMware

…as well as others, large and small. Even the United States’ Cybersecurity and Infrastructure Security Agency (CISA) is affected.

Does Log4j Affect My Business?

It’s pretty likely. Not to sound repetitive, but this is a major, major issue, and anyone using software or running a system with this vulnerability is putting themselves, their data, and their business at risk. It doesn’t just affect Microsoft and Apple, it affects all of us, because we all use Microsoft and Apple services.

How to Protect Yourself from the Log4j Vulnerability

For the most part, you need to rely on the security patches and updates your vendors provide for your software. Unless you develop your own applications, in which case then the onus is on you, you are at the mercy of your vendors.

Fortunately, most of the major vendors are scrambling to get security patches out. That said, it’s up to you to apply them. If you have software that is no longer receiving updates (such as older applications that have reached end-of-life, or have surpassed your license agreement), you’ll need to have someone determine if they utilize Log4j and come up with a game plan from there. Cases like this are going to get pretty hairy, so we suggest acting quickly.

Technology and the Internet are a Little Less Safe, so It’s Up to You to Protect Yourself

Since this vulnerability has such a wide impact, it really is up to you as an individual to make sure you are practicing good cybersecurity hygiene. Utilizing weak passwords like “123password” or using the same password across multiple accounts is a terrible, dangerous habit. You need to be using strong password best practices, such as:

  • Using a unique password for each account and website
  • Using a mix of alphanumeric characters and symbols
  • Using a sufficiently complex passcode to help with memorability without shorting your security
  • Keeping passwords to yourself

Let’s Audit your Technology ASAP

Don’t put your business at risk by ignoring the dangers of this vulnerability. You should have your network audited to ensure that everything on your network is thoroughly patched and determine if any systems are utilizing Log4j. It’s just a matter of time before we start seeing widespread exploitation of this vulnerability, so time is of the essence.

Give Dresner Group a call at (410) 531-6727 to schedule an appointment, even if you aren’t a client. This is very serious, and we don’t want to see local businesses struggle from this.

×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

IT Management’s Biggest Challenge can be Settled w...
Hackers Aren’t Always Thieves
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, 22 November 2024

Captcha Image

Client Service Login

Latest News & Events

Annual Channel Futures MSP 501 Identifies Best of the Best in the Managed Services Industry Dresner Group has been named as one of the world’s top-performing managed service providers in the prestigious 2024 Channel Futures MSP 501 rankings. The Chan...

Contact Us

Learn more about what Dresner Group can do for your business.

Copyright Dresner Group. All Rights Reserved.