Skip to main content

National Cyber Security Centre Updates Log4j Vulnerabilities

By 24th February 2022February 28th, 2022Blog3 min read

The National Cyber Security Centre (NCSC) has issued an update to its warning about a newly-detected vulnerability in the commonly-used Log4j tool, which could compromise the security of those running online services.

It noted that the critical vulnerability – Log4shell – could impact a wide range of companies, individuals and governments. The original warning was issued earlier this month, noting that it affected versions 2.0-beta9 to 2.14.1. and was being observed around the world, not just in the UK.

While fixes have been issued, they are not automatic and will need to be implemented. Therefore anyone not sure how to do this, or if they are still vulnerable, should seek help from IT Support services.

The update noted that individuals are likely to have Log4j in the devices and services they use every day, and therefore devises and apps need to be as up to date as possible and should be updated regularly, especially over the next few weeks.

In addition, nearly all software will have some capacity to log and Log4j is a common component deployed for this purpose.

Anyone unsure if they use Log4j has been advised to “ask your in-house developers and/or third-party suppliers. We have asked that developers of affected software communicate promptly with their customers to enable them to apply available mitigations or install updates.”

It added: “In turn, you should act promptly on any such communications from developers.”

Such vulnerabilities are not an uncommon occurrence, which is why it is important for firms to keep regularly up-to-date with news of threats and also get help from IT experts when an issue arises that is likely to affect them, which is sure to be the case for many if not most firms using Log4j.

While some issues can relate to general problems on platforms with many users, providing a broad threat, others continue to be specific to certain companies, who can be targeted for attack or may have in-house systems with vulnerabilities.

Earlier this month, the NCSC issued a statement regarding a cyber attack on the supermarket retailer Spar, which had led to around 300 stores in the north of England being hit.

It targeted Preston-based James Hall & Co, which operates tills and IT systems at stores across the region. Affected stores were unable to take card payments and were forced to only accept cash payments. This would have prevented some shoppers from paying from their groceries, and in some cases stores had to close down.

The NCSC said: “We are aware of an incident affecting some SPAR stores serviced by James Hall and Co in the North of England and are working with partners in response,” adding that James Hall was now bringing those stores back online.

Such attacks are usually carried out using ransomware, in a bid to force retailers to pay large sums to be able to operate their systems again.

The NCSC confirmed this attack used ransomware, and advised that all firms need to be aware of the danger it poses and keep their systems up to date to protect against it.