Log4j vulnerability - Netwrix comments

December 2021 by Netwrix

With the Log4j news spreading rapidly, Dan Piazza, Technical Product Manager for Stealthbits, now part of Netwrix, has made the following comments:

“While there haven’t been any officially announced breaches as a result of the log4j vulnerability, security researchers across the world are already seeing attempts to actively exploit it in the wild. For instance, Cloudflare is currently seeing around 1,000 attempts to exploit the log4j vulnerability per second.

“It’s safe to say this vulnerability will have, and already is having, a massive effect on the industry. Log4j is used by thousands of applications, libraries, and frameworks, meaning the number of potentially impacted organisations is staggering. And with attackers already scanning the internet to find vulnerable targets, if organisations haven’t already started taking mitigation steps then it may already be too late.

“For organisations that still need to mitigate the vulnerability, they must update the log4j package itself and should not just update Java. This was an early misconception, that updating Java could reduce the severity of the vulnerability, which is simply not true. It’s also a good idea to consult with software vendors to see if they use log4j in any way, and if so if they’ve already provided patches for their products.

“If an organisation uses log4j or software that includes the library, then it’s safest to assume breach and review potentially impacted applications for odd behavior. Furthermore, if an organization feels they’re already breached then they should consult an incident response firm and remove all physical network access to the affected server.

“Unfortunately the worst is yet to come, as exploiting this vulnerability is as simple as getting an application that uses log4j to log a special string. After that, the attacker will have remote code execution (RCE) on a completely breached server.”

