Log4shell: Why You Should Check Your Company Right Now
Term of the month: Remote Code Execution
One of the main culprits of the destruction that Log4j can do is Remote Code Execution. In its essence it is rather simple. RCE allows the attacker to execute commands on someone else’s computer. That gives enormous power to the attacker since they can tell your device to do whatever they want for instance download malware, divert funds etc.
The most urgent topic for this month and the months ahead is going to be Log4Shell/J. I highly suggest to read to the first link to get a better understanding of why your IT staff is worried about it and why you should do everything you can to help them deal with the threat that it poses. If the company systems have been updated and secured then you should thank the IT staff since they probably gave a good chunk of their holiday time to mitigate it.
As a quick and really basic summary Log4j is a logging tool that is widely used in all types of software and hardware. You definitely have a service or a device that is affected by this zero day exploit that device can be your office server, printer, smart fridge or router at home. That is why it is so important that you go thorough and update all the devices and software that you use both in your private life and professional setting. If not mitigated there is a high chance attackers will try to break into your system to steal data, passwords or infect your networks with malicious software.
The most notable attack that has been publicised due to Log4j is the Belgium Ministry of Defence attack that took down e-mail servers. But this is probably just the start with ransomware gangs quickly adapting the exploit to start cashing in on victims to slow to update their environments.
CYBER SECURITY IN THE NEWS