Cybersecurity experts around the world are scrambling to sound the alarm about a newly discovered security vulnerability that could be used by attackers to easily infiltrate computer systems. The vulnerability is found in Log4j, an open-source logging library. Logging is a process where applications keep a record of computing activity, which can later be reviewed by an engineer. The vulnerability would allow an attacker to access a web server without proper credentials and then execute any number of malicious programs.
The vulnerability is particularly dangerous because of how widely implemented the Log4j library is. An update to the Log4j library has already been released in an attempt to mitigate the possibility of bad actors exploiting this vulnerability, but given the time it takes to update systems around the world, the Log4Shell vulnerability will continue to be a threat.
The largest technology companies in the world are responding. Microsoft has issued an update to its servers for the company’s hit videogame Minecraft, where the vulnerability was being used by attackers to run programs on other players’ computers simply by pasting text into the game’s internal chat feature. Internet infrastructure company Cloudflare has reported to the Associated Press that it has no indication that any of its servers were compromised.
For companies relying on cloud-service vendors, this is yet another example of the necessity of proper due diligence of vendors’ cybersecurity capabilities, and the relevance of contractual provisions protecting companies when the cybersecurity practices of a vendor fail. While this vulnerability was a surprise to security experts worldwide, how quickly organizations respond will likely be the difference between those that suffer a related attack and those that do not.
Now is a good time to review your incident-response plans and ensure that your IT, legal, compliance and management teams are all working together and prepared to immediately respond to cloud-services vulnerabilities.
Proskauer’s Privacy and Cybersecurity Group is tracking these developments closely.