News
Cybersecurity expert comment on Log4j vulnerability and what this means for businesses
December 2021 by Chris Vaughan, Associate Vice President, Technical Account Management, EMEA at Tanium
The Log4j vulnerability – a severe vulnerability in a widely used logging library is causing cybersecurity issues, affecting digital systems across the internet.
Off the back of this news, cybersecurity expert Chris Vaughan, Area Vice President of Technical Account Management EMEA at Tanium has provided the below comment:
“This vulnerability is the worst that I’ve seen in my career so far, in terms of how many people and organisations are affected and how severe the impact could be.
In the coming hours and days, I will be talking to many organisations about the challenges they face in identifying and remediating the vulnerability. Ecommerce is a sector that I think will be particularly targeted by attackers due to the amount of money that runs through these websites. The timing of this vulnerability emerging is terrible for these companies as they will now be making emergency changes to their IT environments at their busiest time of the year with Christmas approaching. To minimise the impact, they should follow the same advice that I would offer organisations from all sectors which is to patch the vulnerability as soon as they can. They should start with external facing parts of their IT infrastructure first such as their website before shifting their focus to internal systems.
One mistake that I’ve seen organisations making when going through this process of fixing the issue is that they are leaning too heavily on traditional vulnerability management tools. These tools scan installed applications for any problems, but if a framework like Log4j has been renamed or installed in a non-default path then it’s likely that vulnerability management tools will miss them. For this reason, using a solution that analyses configuration strings within files is preferable.
Having a tool like this in place will be one way of minimising the threat of vulnerabilities like this moving forward. I believe another way would be more heavily scrutinising open-source projects like Log4j. These frameworks and tools are widely adopted by thousands of organisations but are often run by people in their spare time as a passion project. It is usually unclear how much resource is being spent on maintaining security standards, but I believe that organisations will be keener to check this before using open-source tools in future.
This unfortunate news is another reminder of the importance of cyber hygiene and asset management. If you have these basics in place before an incident occurs, then you are in a much better position to either prevent any damage being done, or to minimise the impact.”
