Tech Secure – Log4J: The Worst Security Threat Ever is Affecting the Entire Internet

The entire internet is currently experiencing a major cybersecurity threat. Experts in security research are calling this one of the most severe security threats the world has even seen.

You likely have not even heard much about it, but you’re excused as, unusually for a cybersecurity alert, it is not impacting the normal computers you use every day for your business.

Instead, it is affecting the servers that power much of the web. However, read on and we will reveal some small security measures that you can take to keep you and your team safe online.

The team at PinPoint Networks work to ensure businesses in Chichester and surrounding areas are safe from cybersecurity threats. We created this blog to provide you with a simple guide to what’s happened and what the implications are for you, making sure to leave out any overcomplicated tech jargon.

The problems were first noticed within the highly popular game Minecraft at the end of December.

However, it quickly became clear that the issue wasn’t contained to one game, but rather millions of web applications have been affected, including Apple’s iCloud.

The issue arose from a security flaw in a piece of software called Log4j. The purpose of this software is to keep a record of everything going on within applications. Developers use this record to track down problems and amend them.

Open-source software, like Log4j, is developed by coders in their spare time, and is free for anyone to use. This allows millions of developers to save time by using it, rather than logging their own software – creating an efficient way to create new applications.

However, the widespread use of Log4j software means the security flaw – named Log4Shell – is now affecting millions of machines and millions of pieces of software.

So, even though the computers you use in your business are not affected, many of the services you use daily are.

The Log4Shell security flaw means hackers can run any code they like on the affected servers. This allows them to steal data, run other software, and delete information on the affected servers. Experts believe that the flaw allows almost anyone to run malicious code with ease.

What will happen next?

Experts were able to quickly fix the problem. They released a patch, imagine it like a plaster, to fix the flaw. The next more challenging step is updating all the software that uses Log4j and is now affected.

The patch may take several months to be applied universally to the many millions of pieces of software that use Log4j. Experts think there may always be some web applications that are never updated to remove the flaw.

The impact on you and your business will now become more apparent, as experts expect to see an increase in website hacks in the coming months.

E-commerce sites that do not apply the patch quickly could find hackers have stolen their customers’ details and card numbers, increasing the risk of identity theft.

On other sites you visit malicious software may attempt to secretly download software onto your device.

Keep you and your team safe online now by implementing some of the following measures:

• Use long and randomly generated passwords
• Never use the same password on multiple sites
• Use a password manager to remember passwords for you
• Pay closer attention to your card statements in the coming months

Of course, keeping your business’s computers up to date is always a good idea, as well as ensuring all software patches are applied.

Our team at PinPoint Networks are on hand to help, based in Chichester we help businesses all around the UK stay secure online and protected from malicious malware.