16th December 2021
A vulnerability has been found within Apache Foundation Log4j2 (‘Log4j2’) that could enable attackers to access IT systems from where they could deploy cyber attacks such as ransomware.
The vulnerability is almost certain to be in most, if not all organisations in some way and cyber criminals will be scanning for this vulnerability.
Digital Social Care has published advice from NHSX and shared this widely, including with Local Support Organisations.
The main message is that care providers should notify their IT teams or person responsible for IT, and ensure actions are taken. The primary action is for IT leads to work with their digital / IT suppliers and follow their advice about mitigating cyber vulnerabilities. This is most likely to be to install the latest software updates.
Further details are available in the NHSX briefing on Digital Social Care which will be updated as more information becomes available.