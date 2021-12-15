



The vulnerability, which was reported late last week, is in Java-based software known as “Log4j” that large organizations use to configure their applications – and this poses potential risks for many. part of the Internet.

Apple’s cloud service, security firm Cloudflare, and one of the world’s most popular video games, Minecraft, are among the many services that run Log4j, according to security researchers.

attempt to exploit the vulnerability. Jen Easterly, head of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), called it “one of the most serious flaws” of his career. In one declaration On Saturday, Easterly said that “an increasing number” of hackers are activelyattempt to exploit the vulnerability.

Since Tuesday, more than 100 hacking attempts have been happening per minute, according to data this week from cybersecurity firm Check Point.

“It will take years to resolve this problem as attackers search … daily [to exploit it]”Said David Kennedy, CEO of cybersecurity firm TrustedSec.” It’s a time bomb for businesses. “ Here’s what you need to know: What is Log4j and why is it important? Log4j is one of the most popular logging libraries used online, according to cybersecurity experts. Log4j gives software developers a way to create an activity record to use for various purposes, such as troubleshooting, auditing, and data tracking. Because it is both open source and free, the library essentially touches all parts of the internet. “It’s ubiquitous. Even if you are a developer who does not directly use Log4j, you can still run the vulnerable code because one of the open source libraries you use depends on Log4j ”, Chris Eng, research director at the cybersecurity company . Veracode, told CNN Business. “This is the nature of software: it travels to the end. ” Companies such as Apple, IBM, Oracle, Cisco, Google, and Amazon all run the software. It could be present in popular apps and websites, and hundreds of millions of devices around the world that access these services could be at risk. Are hackers exploiting it? with so many With hacking attempts occurring every day, some fear the worst is yet to come. Attackers appear to have been over a week early to exploit the software flaw before it was publicly disclosed, according to Cloudflare cybersecurity company. Now,with so manyWith hacking attempts occurring every day, some fear the worst is yet to come. “Sophisticated and more experienced threat actors will find a way to really arm the vulnerability for the biggest payoff,” said Mark Ostrowski, chief engineering officer at Check Point, on Tuesday. Late Tuesday, Microsoft said in a update a blog post that state-backed hackers from China, Iran, North Korea and Turkey attempted to exploit the Log4j vulnerability. Why is this security breach so serious? Experts are particularly concerned about the vulnerability because hackers can easily gain access to a company’s computer server, giving them access to other parts of a network. It is also very difficult to find the vulnerability or to see if a system has already been compromised, according to Kennedy. In addition, a second vulnerability in Log4j’s system was discovered on Tuesday evening. Apache Software Foundation, a nonprofit organization that developed Log4j and other open source software, has released a security patch that organizations can apply. How are companies trying to solve the problem? Last week, Minecraft posted a blog post announcing that a vulnerability had been discovered in a version of its game – and quickly released a patch. Other companies have taken similar steps. IBM, Oracle, AWS, and Cloudflare have all issued advisories to customers, with a few push for security updates or describe their plans for possible fixes. “It’s such a serious bug, but it’s not like you can push a button to fix it like a traditional major vulnerability. It’s going to take a lot of time and effort,” Kennedy said. To be more transparent and to help reduce misinformation, the CISA said it will set up a public website with updates on the software products affected by the vulnerability and how hackers exploited them. What can you do to protect yourself? There is a lot of pressure on companies to take action. For now, people need to make sure to update devices, software, and apps when companies give prompts in the days and weeks to come. And after? The US government has issued a warning for affected businesses to be on high alert during the holidays for ransomware and cyber attacks. There are concerns that an increasing number of malicious actors are using the vulnerability in new ways, and while large tech companies may have the security teams in place to deal with these potential threats, many other organizations do not. “What concerns me the most are school districts, hospitals, places where there is a single IT person doing security who doesn’t have the time or the budget or the security tooling,” said Katie Nickels, Director of Intelligence at Cybersecurity. Red Canary farm. “It’s the organizations that worry me the most – small organizations with small security budgets. “

Sean Lyngaas contributed to this report.

