Jisc is urging colleges and universities to quickly fix an “easily-exploited” flaw in widely used computer code that presents a “severe” risk of cyber attack.
The vulnerability in Log4J, a very widely used logging program for Java software, affects a large number of applications and software commonly used in the education and research sector.
Jisc has issued technical advice to members detailing how they must patch systems and warns that the situation will need monitoring for the foreseeable future.
In the meantime, one of the most effective means by which colleges and universities can protect their cyber space against the Log4J threat is to join the Janet Network resolver service.
Included as part of members’ subscriptions to Jisc, the Janet Network resolver service mitigates the risk of user’s web requests being directed to compromised or dangerous websites. The service has just been updated to block websites specifically relating to the Log4J vulnerability.
Jisc’s director of security, Henry Hughes, says:
“Criminals are always quick to take advantage of vulnerabilities and this one appears to be particularly easy to exploit.
“Suspicious activity connected to Log4J has already been reported in the education sector, so there's no time to lose.
“Organisations that don’t implement a programme of patching immediately will be at severe risk of cyber attacks.
“While software providers are issuing fixes, it’s difficult to get a clear and full picture of where the weakness are, so it’s likely that multiple patches will need applying over the coming months.
“We will continue to monitor the situation and will update and advise IT and security teams when necessary.
“We also continue to review our own systems, to ensure that they are not vulnerable, patching and updating the small number of systems that have found to have been affected.”
A small number of Jisc services were found to use Log4J and taken offline as a precautionary measure.
The Heidi Plus service remains temporarily suspended, however the dashboards for the building digital capabilities service, the Journal Usage Statistics Portal (JUSP) and IRUS and are now back online.
Find out more
- Member organisations that need help and advice should contact Jisc’s computer security incident response team (CSIRT)
- The National Cyber Security Centre has also issued advice
- Members that wish to start using Janet Network resolver service can do so through the cyber security portal, or contact their account manager
- Read the Log4j vulnerability and supply chain security blog post by Jon Hunt on Jisc involve
Updated 17 December 2021
Article updated to include information about the Janet Network resolver service and provide an update on a small number of Jisc services affected.
Updated 22 December 2021
Article updated to detail Jisc services that are back online.