Log 4 What

This week, the “Log4j” vulnerability has made news headlines across the globe. Because the vulnerability impacts Apache, a web service used by countless web servers, firewalls, and other systems around the world, the scope of the Log4j vulnerability is vast. Instead of focusing on the technical aspects of this particular vulnerability, however, this is a good opportunity to take a moment and understand how vulnerabilities like this are exploited by attackers, and how you can keep your business safe.

Analogy:
Imagine a peaceful suburban neighborhood with beautiful homes lining both sides of the street. Living in such a quiet area, some homeowners have become complacent with their homes’ security and occasionally leave their windows open. A privy burglar discovers this new opportunity and starts planning his attack. This is no ordinary burglar, though. He is experienced, sophisticated, and has technology on his side. The burglar has built a special camera system on the top of his car that can automatically find and identify homes with open windows as he drives past them. Not only that, but the cameras can see far inside the windows to determine if there are any jewelry boxes sitting in plain sight. In just a few quick loops of the neighborhood, the burglar has a short list of vulnerable homes he can focus on. The burglar then strategically hits each of the homes, stealing their belongings without a trace.

Explanation

In this analogy:

  1. Each of the homeowners is a business owner.
  2. Their homes are the business’s firewalls.
  3. The open windows are open “ports” in the firewalls.
  4. The jewelry boxes are the business’s data and sensitive information.
  5. And finally, the burglar’s car/camera system is a “Botnet.”

Contrary to popular belief, most businesses that suffer a cyber-attack weren’t specifically targeted by attackers. Instead, attackers use Botnets to scan the internet for vulnerable businesses, and then they try to exploit that shortlist just like our burglar did. Business who are foolish enough to “leave their windows open” make it quite easy for threat actors to successfully attack them.

Connecting the Dots

The Log4j vulnerability is not unlike many other technology vulnerabilities in that it can only be exploited if an attacker can “see” the Apache Log4j system on the open internet. Technically, an attacker could exploit it if the system wasn’t visible on the open internet, but only if they were already “inside your house.” Businesses that focus on their cybersecurity defenses and have a professional team to conduct routine vulnerability assessments will have already identified and closed their “open windows,” safeguarding them from attacks against the Log4j vulnerability.

The Takeaway

Small businesses often assume they are at a low risk for cyber-attack because they aren’t a significant or valuable target. Others may understand their risks but assume they can’t afford to implement adequate protection. The truth is: Today’s technology allows threat actors to scan the entire internet quickly and easily for vulnerable businesses, leaving no business too small to target. At the same time, mature managed I.T. service providers (“MSPs”), such as Digital Boardwalk, have developed comprehensive and affordable cybersecurity solutions to protect their clients. Simple actions, such as making sure there are no open ports in a business’s firewall, can go a long way in protecting them from common cyber-attacks and new vulnerabilities. Mature MSPs also proactively monitor for vulnerabilities like Log4j and follow formal processes for identifying risks and implementing safeguards.