Wednesday, 15 December 2021

What is the Log4j vulnerability and should I be worried?

The news has been full of a new cyber-security threat that has been causing havoc since the start of the month.

Log4j, as it is known, is one of the worst server vulnerabilities to ever have been discovered.  In fact, some experts say it is the worst.  There's a really good summary of the threat here, on Wired.com: https://www.wired.com/story/log4j-log4shell/

The Log4j vulnerability gives hackers the opportunity to do virtually anything on a compromised server - from running bitcoin mining software (causing your server to run at full speed, essentially disabling all of your server running on it) to exposing user names and passwords, or even installing dreaded ransomware.

The UK has been particularly hit with attacks, as this graphic shows:

The UK and North America are amongst the areas seeing most hacking attempts

At Start Software, we take security really seriously and we have already checked the servers which run asbestos software Alpha Tracker, legal software Alpha Legal and all of our other systems.  We are urging clients who operate their own servers to check their systems and to make sure that all security patches are applied. 

For more information, contact Robin in the Telford (UK) office.

No comments:

Post a Comment