Log4j – The realities of technology and security
Jeremy McMaster December 17, 2021
In the news for the past week has been a plethora of information related to the Log4j vulnerability and the sweeping security impact it has had on many companies.
First and foremost, know that the Dunham Group Security, Investigation and Response (SIR) team went into immediate action. Upon learning of the Log4j vulnerability, all servers under our management were scanned for native installations of Log4j. Simply put, if a server had the software directly installed, it was identified and remediated quickly and efficiently.
At risk without knowing it
One of the lesser-reported issues is that Log4j is baked into (a part of) many software applications commonly deployed on websites and in applications. A primary example is Elasticsearch, developed by Elastic NV, which is widely used on websites to improve search capabilities. As such, direct installation is not required for the Log4j vulnerability to become a problem; it can simply be present as part of another application. This was identified by our SIR team, and in conjunction with Elastic NV a mitigation was put in place quickly to protect our clients using this technology. In addition, as soon as Elastic NV released a new, fully patched version of their software, our servers were upgraded immediately.
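To make the "baked in" case concrete, here is an added inventory sketch (not Dunham's or Elastic's tooling) that finds log4j-core both as a standalone jar and bundled inside other application archives. It assumes the library keeps its standard `org/apache/logging/log4j/core/` class path; the archive names and the `0.0.0-sample` version are constructed sample data.

```python
import io
import re
import zipfile
from pathlib import Path

ARCHIVE_EXT = (".jar", ".war", ".ear", ".zip")
JAR_NAME = re.compile(r"log4j-core-([0-9][\w.\-]*)\.jar$")
CORE_PKG = "org/apache/logging/log4j/core/"  # package directory of log4j-core classes

def scan_archive(data, label, depth=0, max_depth=4):
    """Return [(location, version_or_None)] for log4j-core classes in an archive."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return []  # not a readable archive: nothing to report
    hits = []
    with zf:
        names = zf.namelist()
        # Match on class paths, so renamed or repackaged jars are still found.
        if any(CORE_PKG in n and n.endswith(".class") for n in names):
            m = JAR_NAME.search(label)
            hits.append((label, m.group(1) if m else None))
        if depth < max_depth:  # bounded recursion into bundled archives
            for n in names:
                if n.lower().endswith(ARCHIVE_EXT):
                    hits += scan_archive(zf.read(n), f"{label}!/{n}", depth + 1, max_depth)
    return hits

def scan_tree(root):
    """Scan every archive file under root, including archives nested inside them."""
    hits = []
    for p in Path(root).rglob("*"):
        if p.is_file() and p.suffix.lower() in ARCHIVE_EXT:
            hits += scan_archive(p.read_bytes(), str(p))
    return hits

def make_zip(entries):  # in-memory zip from {name: bytes}, for the sample only
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()

def sample_app():
    """Constructed sample: an application archive bundling log4j-core as a nested jar."""
    inner = make_zip({CORE_PKG + "Logger.class": b"\0"})
    return make_zip({"lib/log4j-core-0.0.0-sample.jar": inner, "README.txt": b"x"})

if __name__ == "__main__":
    print(scan_archive(sample_app(), "search-app.zip"))
```

A scan that only looks for a top-level Log4j install would miss the nested copy reported here; copies whose classes have been relocated to a different package path would need a separate check.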
Log4j requires continued vigilance
As vendors have identified that they use Log4j, the Dunham SIR team has updated, upgraded, or patched all affected systems to protect client data and security. In the coming days and weeks, additional reports will surface from vendors indicating that they are vulnerable. As this happens, our SIR team will be working diligently to ensure our clients remain safe and secure.
If you have any questions regarding the Log4j vulnerability or what your organization can do to better protect itself, please reach out to firstname.lastname@example.org.