JAKARTA: There has been a recent unfortunate return of the Log4j security breaches that continue to haunt digital business players. The bug causes security gaps in the Log4j software which makes it prone to exploits by irresponsible parties. Log4j is one of the most widely used types of open-source software in the world, designed to keep records of every error and other important data of an application system.
The popularity of Log4j has contrarily played a part in its security weakness. There is a threat from the Log4Shell bug where hackers send malware into computers or cell phones. The first case appeared in the Minecraft application, a well-known online game from Microsoft.
Rizki Maulana, Consultant for Primary Guard Indonesia, explained that one of the effects of misuse of Log4j access was data leakage. Company data in Log4j can be taken and traded illegally. “In addition, hackers can also change words in the company’s information system into special codes. As a result, the framework in managing the software system of the application can also be manipulated,” added Rizki.
There have been instances where companies fail to recognize that their apps have been compromised by a bug. Rizki explained that there are several steps to mitigate the gaps that appear in the Log4j software, such as:
- Check the affected software version (Log4j version 2.0 – 2.14.1). If you already have an affected version, check the current version of Java.
- If you have Java 8, update to 2.16.0.
- Isolate network systems that are likely to be affected and it is important to review firewall rules between affected hosts and the rest of the company.
- Monitor outgoing traffic patterns. An example is a DMZ system initiating outgoing connections.
- Look for unauthorized configuration changes on the entire system.
“As a system integrator, Primary Guard offers a Log4j exploit prevention solution by using the addition of a Web Application Firewall (WAF). If the version of Log4j used in a company is found vulnerable to exploitation, it can be easily mitigated by a WAF that has been installed as a traffic filter to the company. The company can also implement several types of corporate information system protection products that are recommended by Primary Guard, including Cloudflare, Cato Networks, and Cloudfront from AWS.” concluded Rizki.
About Primary Guard
Primary Guard is a data protection company that provides security on the cloud, data analytics, and disaster recovery as a service (DRaaS). The company helps businesses minimize the impact of cyberthreats, improve efficiency, and maintain essential functions during or after disaster occurrences. Its innovative solutions offer business owners improved and uninterrupted day-to-day operations, giving them a competitive advantage in the international market.