Log4j – What you should know, and what you can do


Viruses, pandemics, hacks… it seems like during these somewhat dark days of winter we are inundated with them. As we all rush out to get our “boosters”, there is a hack out there that you have probably heard of, which threatens not your body, but your business and perhaps the World Wide Web itself. It’s called the Log4j hack. I think many of us underestimated the COVID virus many months ago, and I suspect that we might also be underestimating this Log4j hack.

What is Log4j?

Log4j is a ubiquitous utility program that seeks out security information for all kinds of consumer and enterprise services, including websites, ecommerce, banking, applications and all kinds of tech products. With this hack, the perpetrators can gather your secure information, steal data or even take control of your system, perhaps leading to a “ransom” situation.

What can you do? For average folks, not much. However, no matter what, you need to be sure that every application that you have is up to date. In other words, check Windows updates to be sure that you have all the Microsoft security updates. Check your apps, your phone and your tablets to be sure all security updates are done. And then hope for the best.

The cloud, however – that’s a different story. Service providers have been scrambling to patch the vulnerability. Microsoft, Amazon, Google and others are working furiously to counteract the damage that this thing can do – and make sure it cannot affect us in the future.

Dedication and Compassion

For our part at Dunham, we have been working long hours to be sure that there are no vulnerabilities on our servers. Some of our people worked through last weekend and into the late hours to be sure that our servers and clients’ websites were locked down. Their commitment and dedication have kept our clients safe.

None of us are quite sure why the world is filled with people that want to attack the innocent. Maybe it’s because computers don’t have names, or children. But it has always been thus and now they have a new digital theatre in which to perform, and this is not a victimless crime. Maybe the best thing we can do is to teach our children (and remind ourselves) that there are people with feelings and families at the other end of our phones and computers, and not say or write anything on a device that we wouldn’t say in person. Technology should never be used as a mask that excuses us from practicing compassion and common decency – especially at this time of year.

In the meantime, you can rest assured there are teams of people around the world working to bring an end to this – and your programmers and consultants at Dunham are a vital part of that work. To learn more, read this post on Dunham Connect.

Is this a program we should have?

No, no - log4j is used on web servers - though not all, and not on home computers. So Facebook, Netflix or Spotify MAY use it in the cloud, and AWS - the largest Cloud provider, does use it. AWS has patched any of their own services.

As always, I am so appreciative of all you do for your clients. I feel blessed that you have taken such good care of us over these many years. Your efforts on behalf of your clients are stellar!! May you and all the team at Dunham have a safe and light-filled holiday season.

Thanks, Linda!

