Seamlessly Host, Manage & Grow Your Managed VPS Site
  • Free & Effortless WP Migration
  • 24/7 Worry-Free Support
  • Anytime Money-back Guarantee
See Managed VPS Plans
  1. /
  2. Blog
  3. /
  4. Service Updates
  5. /
  6. What Is Log4Shell and How Does It Affect ScalaHosting?

What Is Log4Shell and How Does It Affect ScalaHosting?

By Borislav Tonev |
LinkedIn

On November 24, security experts from Alibaba Cloud discovered a vulnerability in a popular Java logging framework called Log4j 2. They got in touch with The Apache Software Foundation, the organization responsible for developing Log4j, disclosed the bug, and helped with the release of a patch.

The update was rolled out on December 6, and three days later, the whole thing was reported publicly. The vulnerability earned a nickname, Log4Shell, and even today, more than two weeks later, it continues to be a central topic for many tech-oriented news outlets.

But what’s all the fuss about?

What Is Log4Shell?

Log4Shell, also known as CVE-2021-44228, is a zero-day vulnerability. A security bug is classified as a zero-day when the creator of the affected software is unaware of the problem and is unable to produce a patch for a long time.

In this particular instance, the vulnerable code was added to Log4j way back in 2013. Theoretically, hackers had eight years during which they could have exploited the security hole without anyone having the ability to stop them.

The bug lies with the way Log4j uses the Java Naming and Directory Interface (JNDI) API and the Lightweight Directory Access Protocol (LDAP) to allow lookups of Java objects.

While Log4j is logging a string, JNDI can be tricked into using LDAP to load an object from a remote location. Thanks to the lack of code sanitation measures, a resourceful hacker can run just about anything they want on the target machine.

It must be said that vulnerabilities are discovered in all sorts of software products every day. Usually, they are quickly patched and rarely prompt a particularly noteworthy response. However, with Log4Shell, things might be a little bit different.

How Bad Is It?

We all know that sometimes, in an attempt to draw as many clicks as they can, the media tend to blow a problem completely out of proportion, especially when we’re talking about niche fields like cybersecurity. Well, with Log4Shell, this is not the case.

It’s been described as “the most critical vulnerability in a decade,” and experts from Check Point reckon that it could mark the start of a “cyber pandemic” with potentially “incalculable” damages. They certainly have the figures to back those claims.

Check Point started monitoring the activity surrounding Log4Shell as soon as the bug was disclosed. Within 24 hours, they’d seen more than 60 different variations of the original exploit. In just three days, their sensors registered more than 800 thousand attempted attacks.

They say they have managed to mitigate around 4.3 million exploitation attempts and emphasize the danger posed to business organizations. According to their report, they have already seen attempted exploits against very nearly half of all corporate networks in the world.

In other words, yes, Log4Shell is a very serious problem. But what makes it so bad?

There are three main factors contributing to Log4Shell’s popularity with hackers:

It allows arbitrary remote code execution

The fact that cybercriminals can load and execute a remote script or file via Log4Shell means that the variety of payloads they can drop on the attacked machine is pretty much limitless. They have already demonstrated this.

Some attackers are trying to deploy cryptocurrency miners on the targeted machines. Others use the vulnerability to recruit more devices into their botnets, others still employ it to send spam, etc.

It’s easy to exploit

Part of the reason for the enormous volume of Log4Shell-related malicious activity is the readily available exploits and the fact that pretty much anyone can mount an attack. Because it’s so easy to take advantage of the vulnerability, the vast majority of Log4Shell activity comes from people who aren’t sophisticated enough to do any real damage.

That being said, experienced cybercriminals also use Log4Shell, and they’ve already caused some pretty high-profile incidents. On December 20, for example, the Belgian Defense Ministry admitted that hackers had used Log4Shell to bring some of its networks down.

Log4j is pretty much everywhere

Log4j was developed way back in 2001 to solve the lack of logging capabilities in the original Java Development Kit. Over the years, we’ve seen the appearance of frameworks serving the same purpose, but it would appear Log4j has remained one of the most popular choices.

It’s now a part of thousands of software packages, and it’s pretty much everywhere. Even if you haven’t installed it yourself, it may have been set up by one of the applications you’re using in your everyday life. As a result, properly patching the vulnerability is dependent on many parties and may not be particularly easy. This is a problem because hackers have access to scanners that can determine whether you’re vulnerable in seconds.

Vendors are scrambling to roll out updates, mitigate the dozens of available attack vectors, and let users know they need to update. However, with so many different applications deployed on such a large number of devices, we’re unlikely to see the problem go away for good any time soon.

ScalaHosting and Log4Shell

As a hosting provider, we can’t afford to ignore a threat like Log4Shell. The vulnerability is easily exploitable, and the affected framework is widely available. Because of this, we, alongside our data center partners, monitor our networks closely for any sign of suspicious activity.

We work hard on making software updates as easy as possible for our customers, and we always apply the latest security patches to everything that runs on our servers.

SShield, our proprietary AI-powered security system, will alert you immediately if something’s not right. You can also be sure that our technical support experts will point you in the right direction if you can’t figure out what’s going on.

Mind you, if you use one of our managed SPanel VPS solutions, Log4Shell is not really a problem at all. The purpose of a managed VPS is to give you the right hosting environment out of the box, meaning we are the ones setting up your virtual machines and installing all the software required to host your project.

This software doesn’t include Log4j.

Conclusion

Log4Shell is not to be underestimated. The affected software is found in many devices worldwide, the hackers clearly won’t shy away from using the dozens of available exploits, and the patches aren’t applied quickly enough.

Quite a few tools can help you determine whether your devices are vulnerable to an attack, but regardless of what they tell you, you have to always keep your software applications up-to-date. This will protect you not only against Log4Shell but also against hundreds of other threats.

As for your ScalaHosting account, you can leave it to us.

LinkedIn

Was this article helpful?

What’s your goal today?

1. Find the right Managed VPS solution

If you’re looking for industry-leading speed, ease of use and reliability Try ScalaHosting with an unconditional money-back guarantee.

2. Make your website lighting fast

We guarantee to make your WordPress site load in less than 2 seconds on a managed VPS with ScalaHosting or give your money back. Fill out the form, and we’ll be in touch.

Make your website lighting fast—or your money back
Slow websites lose visitors and sales. See how you can surf tsunami sized traffic spikes—or any traffic—with ease with ScalaHosting. Fill out the form, and we’ll be in touch!
Please enter a valid name
Please enter a valid website
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

3. Streamline your clients’ hosting experience

If you’re a web studio or development agency hosting more than 30 websites, schedule a call with Vlad, our co-founder and CTO, and see how we can deliver unmatched value to both your business and your clients.

Photo

Need a custom cluster or professional advice?

Book a meeting and get a free 30-minute consultation with Vlad, co-founder & CTO of Scala Hosting, who will help you select, design and build the right solution - from a single data center cluster to a multi-region & multi-datacenter high availability cluster with hundreds of servers.

Book a free consultation

4. Learn how to grow your website in 2023

An all-star team of SEO and web influencers are sharing their secret knowledge for the first time in years. Learn about the future of SEO, Web Design best practices and the secrets to getting the foundation for your website to thrive. Watch the exclusive webinar.

An Exclusive Insiders Look Behind The SEO and Web Development Curtain

Related articles

cover image

SPanel Now Supports PHP 8.2

ScalaHosting-new-batch-81-1

ScalaHosting Launches Minecraft Hosting

Feature-image-1

New SPanel Update – Easier Joomla Integration, Minecraft servers, and more!