Have you heard of Log4j? If we asked you a week ago, you almost certainly did not. Now it is dominating headlines as one of the largest cybersecurity risks we’ve ever known, and your business needs to act immediately to make sure you aren’t at risk.
What is Log4j?
We’ll avoid getting too technical, we promise. Basically, when software developers build applications, they can use various software languages. Some of these languages have libraries with different functions and capabilities. Log4j is a library used in the Java programming language. It’s been around for years, but recently a major vulnerability was discovered that affects all software and systems that use the library.
This is an extremely widespread issue. It affects major technology companies that almost everybody on the planet uses on a regular basis.
…as well as others, large and small. Even the United States’ Cybersecurity and Infrastructure Security Agency (CISA) is affected.
Will Log4j Impact My Organization?
It’s pretty likely that it will. The scope of this is huge, and if anything you use utilizes Log4j (which is not something that is clear from an end-user perspective), it leaves your doors wide open to cyberattacks. It’s dangerous to ignore this problem.
How to Protect Your Business from the Log4j Vulnerability
Your vendors should be producing security patches and updates, if they haven’t already. That said, it’s up to you to ensure these get applied. If you are using software that is no longer supported, then you’ll need to determine if it is affected by the vulnerability, and come up with a game plan to get it replaced or patched. That’s something we can certainly help you with, so definitely reach out to us at (603) 499-4400 to set up an appointment to audit your IT.
This Makes the Internet More Dangerous, So You Need to Be More Careful
The Log4j vulnerability is a massive, widespread problem, and has a wide blast radius. It’s estimated that a huge number of websites, applications, and services you use every day will be impacted, and it is up to you as an individual to make sure you are practicing cybersecurity best practices.
Using weak passwords like “password345” or using the same password across multiple accounts is among the most irresponsible things you can do online. You need to be using strong password best practices, such as:
- Using a unique password for each account and website
- Using a mix of alphanumeric characters and symbols
- Using a sufficiently complex passcode to help with memorability without shorting your security
- Keeping passwords to yourself
Let’s Review Your Technology Today
If you ignore this, you are likely going to suffer the consequences. The Log4j vulnerability is a real and serious threat to businesses, and not acting will leave your business wide open to every cybersecurity threat imaginable. It sounds like doom and gloom, but in the grand scheme of things, getting your IT audited and having everything patched and managed is a drop of water in the ocean compared to the risks.
Give Horne & Benik a call at (603) 499-4400 to set up an appointment, we are here to help, even if you just need a second set of eyes. It’s better to be safe.