5 Steps to Help Avoid the Log4j 2 Vulnerability

The cybersecurity community has categorized log4j 2 as a "perfect 10" in terms of criticality.

December 20, 2021

Cybersecurity

By Mark Carl

ALEXANDRIA, Va.—By now, you’ve probably seen the headlines about the latest widespread security vulnerability commonly known as “log4j 2.” As with other recent data breaches and security exposures, there are a few key steps you should take to avoid disruption to your business operations.

But, first, let’s take a brief look at the underlying issue. Log4j 2 is an open-source Java logging library found in many popular apps, services and devices your business might use. The security community has categorized the vulnerability as a "perfect 10" in terms of criticality because the Java software is extremely widespread, and the issue is relatively easy for cybercriminals to exploit.

In fact, the log4j 2 libraries are commonly used in Java-based applications that run on almost any device in the world that has a processor. That means, in addition to your computers, you need to worry about your ATMs, kiosks, POS systems, tank monitors, forecourt devices, car washes and anything else with a network connection. In other words, almost every device across your business.

To alleviate business risk, here’s what you can do:

  1. Follow cybersecurity best practices: Double check your best practices, especially for any systems or devices directly connected to the internet. Those connections represent the greatest risk beyond your secure perimeter, so minimize the internet exposure of your systems and assets.
  2. Know the products and tools your business uses: If you don’t have an IT expert on staff, check with your product vendors to see how they’re addressing potential vulnerabilities in their tools and products. Find out how they’re responding to this threat and what patching or mitigations might be required.
  3. Check in with your service providers: Your business is only as secure as your supply chain, so find out how your providers are responding. If fraudsters can infiltrate your service provider’s systems, they might also be able to penetrate your systems.
  4. Be vigilant in watching for the warning signs: Tools for threat prevention, detection and response are more critical than ever. You must be able to properly monitor all your systems and quickly identify threats from any mechanism, including zero-day threats like log4j 2. It’s also important to respond to an attack in real time.
  5. Keep your team informed: When a new vulnerability arises, it’s a great reminder to be proactive with your employees—make them aware of the threat and explain how they can help provide the first line of defense for your business. 

As the threat landscape continues to expand, following cybersecurity best practices is the best defense in protecting your business regardless of what new issues arise. As a business leader, you need to stay aware of the threats and have a reliable incident response plan. And, if you don’t have the right in-house expertise, you might want to look for a reputable security services provider to help you.

Mark Carl is the chief security officer at PDI. Before joining PDI in 2020, he served as CEO of ControlScan and led the continued expansion of its managed security services portfolio. Carl actively promotes data security standards within the convenience retail and petroleum wholesale markets.

Advertisement
Advertisement
Advertisement