What is Log4j and what should SMBs do?

A vulnerability was found in Log4j, an open-source logging library commonly used by apps and services across the internet. If left unfixed, attackers can break into systems, steal data or credentials, and take control of real-world infrastructure.


1. What is Log4j?

Log4j is an open-source Java package used to support activity logging in many Java-based applications. Because it is so widely used by developers, a vulnerability in it can have very serious consequences. Successful exploitation of this vulnerability allows an attacker to take over the computers and networks of any organisation running the program. The situation is evolving rapidly, and there have already been numerous observations of threat actors scanning for and attacking vulnerable systems.

2. What is the issue?

A vulnerability was found in Log4j, an open-source logging library commonly used by apps and services across the internet. If left unfixed, attackers can break into systems, steal data or credentials, and take control of real-world infrastructure.

Log4j is used worldwide across software applications and online services, and the vulnerability requires very little expertise to exploit. This makes Log4Shell potentially the most severe computer vulnerability in years.

The Log4j exploit allows threat actors to take over compromised web-facing servers by feeding them a malicious text string. The vulnerability exists within Log4j, an open-source Apache library for logging errors and events in Java-based applications. Third-party logging solutions like Log4j are a common way for software developers to log data within an application without building a custom solution.

3. Are you vulnerable?

Systems and services that use the Java logging library Apache Log4j 2, between versions 2.0-beta9 and 2.14.1, are all affected. Log4j 2 is built into popular frameworks, including Apache Struts2 and others. Given its widespread adoption, many third-party apps are likely vulnerable, exposing a vast attack surface.

The Apache Foundation has released Log4j 2 version 2.15.0 to address the vulnerability. Users and administrators are urged to review the Apache Log4j 2 2.15.0 announcement and upgrade to Log4j 2 version 2.15.0 or greater, or apply the recommended mitigations immediately.

4. Potential cybersecurity attacks

  • Malware
  • Ransomware
  • Data Theft
  • Illegal cryptomining
  • Illicit access to corporate networks    

5. What should businesses do?

End-Users:

  • Apply the latest updates immediately. Users of Apache Log4j with affected versions between 2.0 and 2.14.1 are advised to upgrade to the latest version, 2.16.0, immediately.
  • Determine if Log4j is used in other instances within their system.
  • Heighten monitoring for anomalous activity; deploy protective network monitoring and review system logs.
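
One way to carry out the "determine if Log4j is used" step and the version check from section 3, shown as an added example that is not part of the original article. It walks a directory, opens every JAR/WAR/EAR (including archives nested inside them) and reads the log4j-core version from the Maven metadata file that standard builds include. The function names are illustrative, and the range applied is the one this article states; repackaged builds that strip the metadata will not be detected.

```python
import io
import os
import re
import zipfile

# Metadata file Maven builds put in log4j-core JARs; it records the version.
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVES = (".jar", ".war", ".ear")

def is_affected(version):
    """True if inside the range this article gives (2.0-beta9 to 2.14.1)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?(?:-(\w+))?", version)
    if not m:
        return None  # unparseable: needs manual review
    nums = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    qual = (m.group(4) or "").lower()
    if nums == (2, 0, 0) and qual:  # 2.0 pre-releases: only beta9 and rc* are in range
        return qual == "beta9" or qual.startswith("rc")
    return (2, 0, 0) <= nums <= (2, 14, 1)

def scan_archive(data, label, found):
    """Inspect one archive (bytes), recursing into nested ones (fat JARs, WARs)."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return  # not a readable archive: skip
    with zf:
        for name in zf.namelist():
            if name == POM:
                text = zf.read(name).decode("utf-8", "replace")
                m = re.search(r"^version=(.+)$", text, re.M)
                version = m.group(1).strip() if m else "unknown"
                found.append((label, version, is_affected(version)))
            elif name.lower().endswith(ARCHIVES):
                scan_archive(zf.read(name), label + "!/" + name, found)

def scan_tree(root):
    """Return [(path, log4j-core version, affected?)] for every copy under root."""
    found = []
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            if fn.lower().endswith(ARCHIVES):
                path = os.path.join(dirpath, fn)
                with open(path, "rb") as fh:
                    scan_archive(fh.read(), path, found)
    return found

if __name__ == "__main__":
    for path, version, affected in scan_tree("."):  # scans the current directory
        print({True: "AFFECTED", False: "ok", None: "REVIEW"}[affected], version, path)
```

An empty result means no copy with intact metadata was found under that directory, so vendor advisories for third-party products still need to be checked.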

Product Developers:

  • Identify, mitigate and develop patches for affected products that utilise Log4j.
  • Inform end-users of your products that contain this vulnerability and strongly urge them to prioritise software updates.

Businesses can refer to SingCERT’s advisory for the latest updates: https://www.csa.gov.sg/en/singcert/Advisories/ad-2021-010

List of vendors affected & their fixes: https://github.com/NCSC-NL/log4shell/tree/main/software

6. How can you get yourself protected?

For Users:

  1. Endpoint Security
  2. Unified Threat Management
  3. Security-as-a-Service
  4. Managed Security Services

For Developers:

  1. Vulnerability Assessment
  2. Penetration Testing

 

7. Is the current list of Singtel Cybersecurity services* affected?

  • Broadband Protect: No
  • Business Protect Basic: No
  • FortiGate Unified Threat Management: No
  • Palo Alto NGFW: No
  • Palo Alto Cortex: No
  • TrendMicro Worry Free: No
  • TrendMicro ApexOne: No

 
