The Department of Civil Protection and Emergency Management has declared an uncertainty phase due to the Log4j vulnerability affecting computer networks worldwide. Since last week, Icelandic authorities have been working to minimise the damage the vulnerability could potentially cause. The Log4j vulnerability primary affects businesses by putting their computer systems at risk of hacking.
“The severity of the vulnerability lies first and foremost in how widespread the Log4j code library is and the depth and richness of the access it can provide to internal systems,” according to a notice from the Civil Protection Department. The notice points out that the vulnerability is not unique to Iceland but a global problem. “The public does not have to be particularly afraid of it regarding their home computers or mobile phones. However, it is always a good rule of thumb to update your virus protection and other software as soon as updates are announced.”
Businesses encouraged to review all systems
Network and computer system operators in Iceland are encouraged to review all systems where the vulnerability could be present and updated them as soon as updates are available. Authorities also underline the importance of monitoring systems following an update in order to assess whether there are indications that the vulnerability was used to install malware while the systems were weak.
The National Police Commissioner declared the uncertainty phase after consultation with computer emergency response team CERT-IS and the Electronic Communications Office of Iceland (ECOI). The Civil Protection Department and CERT-IS have activated their response plan for the protection of essential information infrastructure due to the vulnerability.