Cyber Alert: serious vulnerability in Apache Log4j software
How do you protect your business?
Apache Log4j is a software product used for logging notifications in software, such as login attempts. In addition, the software is built into many hundreds, if not thousands of other software products and applications. The chance that you as an entrepreneur will be or have been affected by this vulnerability is very likely.
What should you do?
Vulnerable systems are scanned worldwide. It is now known that malicious persons massively abuse this vulnerability. It is therefore wise to contact your software supplier(s) or IT service provider as soon as possible.
Ask the following questions about Apache Log4j
You can ask your IT Administrator the following questions:
- Is my company vulnerable to the critical vulnerability discovered in Apache Log4j?
- What measures should I take to prevent damage?
- What actions do you take to keep my digital business environment safe?
- What can I do / what are you doing to verify if my company has already been affected?
We have made a sample letter that you can use as a basis to ask the right questions to your IT Administrator and then take the right actions.
Websites to consult
Do you manage your IT yourself? Then we have put together a number of websites to consult:
- Checktool on Apache Log4j, developed by security company Northwave.
- Overview of applications using Apache Log4j.
- Information session – dated 15 December – of DTC, NCSC en CSIRT-DSP for IT-professionals about the vulnerability in Log4j software. Watch the session here.
- News of Nationaal Cyber Security Centrum (NCSC).
As advisor of the Cybersecurity Centre for Manufacturing Industry I can help you with increasing the digital safety of your company. Ask me a question and I will contact you soon.