THE SCOTTISH Business Resilience Centre (SBRC) is urgently calling on all organisations in Scotland to ensure their systems and devices are updated to mitigate the impact of a global vulnerability identified last week.
Log4j, a free piece of software often used on applications and servers to record or log activity by developers and IT professionals, last week reported a vulnerability – dubbed log4shell – which could allow hackers and cyber criminals to send malicious code to Log4j potentially resulting in irreparable harm to devices globally.
In a year where the National Cyber Security Centre (NCSC) has reported more cyber incidents than ever before, the SBRC is monitoring the situation and recommending immediate action from organisations, irrespective of sector. It has published an outline on what log4shell means and the steps individuals and organisations should take to mitigate the fallout here: https://www.sbrcentre.co.uk/log4shell-explained-in-simple-terms.
Additionally, to mitigate business and cyber risk, businesses are being urged to download the SRRC app to get the latest updates on Log4j as they come out. The app is available to download from the Android and Apple app stores.
Jude McCorry, CEO of SBRC, said: “While the impact of log4shell is yet undetermined, organisations could still be in the dark if they even use Log4j in their systems. All organisations must consider themselves at risk of this global vulnerability until it has been confirmed that they are not. There is no time to waste here; the SBRC is calling on all businesses to take action now to avoid potentially catastrophic results.”
“It is not just work devices that are on the line – personal devices are also at risk and so must be part of the updating process. Acting now and looking into other services that are used – including third-party software – will help to provide peace of mind. Given the meteoric rise in cyber incidents this year, individuals and organisations must turn to trusted sources to keep up to date on credible threats to operations like this. The SBRC app provides push notifications within minutes of the insight being received covering cyber threats with accurate guidance.”
For organisations concerned that they have been the victim of a log4shell, please contact the SBRC Incident Response Line on 01786 437 472.