BSI issues red alert for Log4j vulnerability

The BSI declared a red alert level for the Log4j vulnerability on Saturday, Dec. 11, 2021. Numerous applications are threatened by the vulnerability.

According to media reports, the affected applications include iCloud and Minecraft, as well as a system from Tesla. Various federal agencies are also threatened by the vulnerability.

What is Log4j?

Log4j is a logging library used for Java applications. It is used to aggregate log data, i.e. to record events on a server, in order to be able to evaluate them afterwards. Only certain versions of Log4j are affected by the vulnerability.

What threat does the vulnerability pose?

Criminals can exploit the vulnerability in Log4j to infect systems with cryptominers or attack them with botnets. The BSI is already aware of such cases. In any case, attackers can exploit the vulnerability to build a backdoor into the systems and, if necessary, use it later to carry out ransomware attacks, for example.

The BSI rates the vulnerability at 10, the highest threat level on the CVSS scale (Common Vulnerability Scoring System). It is not yet known in which applications Log4j is used. However, the vulnerability is widespread and criminals could easily exploit it. The BSI said that criminals are already scanning the network widely for the vulnerability.

What companies should do now

On the recommendation of the BSI, IT organizations in companies should increase their response and detection capabilities. They should also obtain information from the BSI’s website. The BSI collects and publishes existing findings from security authorities, including which applications are affected by the vulnerability. The BSI also provides concrete recommendations on what companies can do to reduce risks. Among other things, companies should increase staffing levels to detect attacks early and be ready to respond. As soon as manufacturers provide updates to fix the vulnerability, those updates should be applied immediately.

If you have any questions about your company’s strategy to defend against IT threats, get in touch. Simply use our contact form to do so.
