In 1299 BC Epeius would construct a towering wooden horse that would be unassumingly rolled
past the formidable defences of Troy. This momentous offering to Athena, which was promised to
ensure the continued impregnability of Troy, would be credited as one of the most cunning
manoeuvres in military history. Once the horse had inveigled its way through the city
gates and hoodwinked the city into celebrating its victory, the warriors of Greece would
sneak out of the hollow bowels of the wooden horse. With the city sleeping, the Greek soldiers would
filter through the streets, sacking and pillaging Troy. Having exploited the element of surprise, they
would go on to open the gates to the remaining army hiding in the shadows outside the walls.
Consequently, a ploy to deceive someone or something is commonly referred to as a ‘Trojan Horse’.
Correspondingly, many cyber threats also use the same guise to dupe people into releasing personal
data or corrupting their cyber defences. One such vulnerability is in Log4J, the online Domesday
Book that logs the activity in software applications and online services. As such, it is often referred to
as the ‘Software library’.
This hive of software activity, which tracks and logs large flows of data, is a key source of knowledge.
Therefore, it is an essential building block of contemporary software and is used in many aspects of
the internet. Consequently, any breach of Log4J could have devastating consequences. In turn,
exposure of the logged data in this system presents a threat that can extract data, steal passwords and
infect networks with parasitic software. Thus, heeding the words of Thomas Hobbes, ‘Scientia
potentia est’ (knowledge is power), we must deny rogue cyber threats access to the 21st-century
fountain of knowledge that is stored in Log4J. The data that is tagged and logged can be utilised for
further development, operational and security purposes. This helps designers and engineers identify
problems and better navigate the endless tides of data. Ultimately, most of our devices use Log4J and,
as our world continues to digitalise and harness the progressive winds of IoT, it is essential that the
security of Log4J is prioritised. Supporting this is the realisation that the threat landscape is expanding
and becoming more sophisticated. The Log4J vulnerability identified was Log4Shell, which allowed
remote code execution and information disclosure. As a consequence, governments,
organisations, individuals and enterprises were exposed to the malicious intentions of cyber-attackers.
Critically, in a world that is witnessing the weaponization of the internet, it is important to implement
strategies that insulate systems from falling victim to cyber-threats. Installing the latest updates
on both internet-facing and non-internet-facing systems that use Log4J should be the first buffer
against vulnerabilities. Secondly, organisations should identify unknown instances in which Log4J is
used. This should help lower the probability of there being a gap in a system’s defence. Lastly,
organisations should pursue a multi-angle approach to security, engaging several protective
network monitoring/blocking services. This could include reviewing the rules of web application
firewalls (WAFs), as some variants of the threat may bypass some WAF rules. Overall, the key defence
against Log4J vulnerabilities is awareness of the threat. With that awareness, you may be able to
identify the Trojan horse before granting it free passage beyond a system’s walls of defence.
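The second step above, identifying unknown instances of Log4J, can begin with a file-system inventory that also looks inside archives bundled within other archives. The following Python code is an added example, not part of the original article: it assumes the standard log4j-core jar layout (the JndiLookup class entry and the Maven pom.properties entry), and its function names, sample archives and version string are constructed for illustration.

```python
import io
import os
import tempfile
import zipfile

# Entry names inside a log4j-core jar (facts about the library, not taken from the page).
JNDI_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
POM_PROPS = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVE_EXTS = (".jar", ".war", ".ear", ".zip")

def scan_archive(source, label, findings, depth=0):
    """Record log4j-core copies in one archive, recursing into bundled archives."""
    try:
        zf = zipfile.ZipFile(source)
    except (zipfile.BadZipFile, OSError):
        return  # unreadable or not a zip: skip it rather than abort the whole scan
    with zf:
        names = set(zf.namelist())
        if POM_PROPS in names or JNDI_CLASS in names:
            props = zf.read(POM_PROPS).decode("utf-8", "replace") if POM_PROPS in names else ""
            version = next((ln.split("=", 1)[1].strip() for ln in props.splitlines()
                            if ln.startswith("version=")), "unknown")
            findings.append((label, version, JNDI_CLASS in names))
        for name in sorted(names):
            if depth < 5 and name.lower().endswith(ARCHIVE_EXTS):  # cap nesting depth
                scan_archive(io.BytesIO(zf.read(name)), f"{label}!/{name}", findings, depth + 1)

def scan_tree(root):
    """Return (location, version, jndi_lookup_present) for every copy found under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if fname.lower().endswith(ARCHIVE_EXTS):
                path = os.path.join(dirpath, fname)
                scan_archive(path, path, findings)
    return sorted(findings)

def demo():
    """Constructed sample: app.jar bundles log4j-core; stripped.jar lacks JndiLookup."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr(POM_PROPS, "version=0.0.0-sample\n")
        zf.writestr(JNDI_CLASS, b"")
    with tempfile.TemporaryDirectory() as root:
        with zipfile.ZipFile(os.path.join(root, "app.jar"), "w") as zf:
            zf.writestr("BOOT-INF/lib/log4j-core.jar", inner.getvalue())
        with zipfile.ZipFile(os.path.join(root, "stripped.jar"), "w") as zf:
            zf.writestr(POM_PROPS, "version=0.0.0-sample\n")
        return [(os.path.relpath(p, root), v, j) for p, v, j in scan_tree(root)]
```

Calling `scan_tree` on an application or deployment directory lists each copy with the version recorded in its metadata, which can then be compared against the vendor's current advisory.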
In conclusion, the threat landscape has expanded and with it comes an increased vulnerability of our data.
The vulnerability in Log4J is among the many challenges that we face in securing our network
systems. We must remain agile and flexible when pursuing a multi-layered defence strategy. If we fail
to rise to the challenge, the scale of disruption will reverberate through every inch of silicon, flicker
across every screen and expose us to the malign nature of theft, extortion and fraud. There are forces
out there looking to emulate the trickery of Troy; let’s not let history repeat itself.
By Henri Willmott