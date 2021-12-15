



Jennifer Korn

A serious flaw in widely used software has cybersecurity experts raising the alarm and large companies racing to fix the problem.

Reported late last week, this vulnerability lies in Java-based software called “Log4j” that large organizations use to configure their applications and poses a potential risk to much of the Internet.

According to security researchers, Apple’s cloud computing service, security company Cloudflare, and one of the world’s most popular video games, Minecraft, are among the many services that run Log4j.

Jen Easterly, head of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), called it “one of the most serious flaws” she has seen in her career. In a statement on Saturday, Easterly said that an “increasing set of hackers” is actively trying to exploit this vulnerability.

As of Tuesday, there were more than 100 hacking attempts per minute, according to this week’s data from cybersecurity company Check Point.

“It takes years to deal with this while the attacker sees it on a daily basis [to exploit it],” said David Kennedy, CEO of cybersecurity firm TrustedSec. “This is a time bomb for businesses.”

Here’s what you need to know:

What is Log4j? Why is it important?

According to cybersecurity experts, Log4j is one of the most popular logging libraries used online. Log4j gives software developers a way to record activity, which is used for purposes such as troubleshooting, auditing, and data tracking. Because it is open source and free, the library touches essentially every part of the internet.

“It’s everywhere. Even developers who don’t use Log4j directly may be running vulnerable code because one of the open source libraries they use depends on Log4j,” Chris Eng, Chief Research Officer at cybersecurity company Veracode, told CNN. “This is the nature of software. It’s always a turtle.”

Companies such as Apple, IBM, Oracle, Cisco, Google, and Amazon all run the software. It can be found in popular apps and websites, leaving hundreds of millions of devices around the world that access these services exposed.

Are hackers abusing it?

According to cybersecurity firm Cloudflare, attackers had a head start of more than a week in exploiting the software flaw before it was publicly disclosed. With so many hacking attempts happening every day, some worry that the worst is yet to come.

“Sophisticated, more advanced threat actors will find ways to actually use the vulnerabilities as a weapon to maximize their profits,” said Mark Ostrowski, Head of Engineering at Check Point, on Tuesday.

Late Tuesday, Microsoft said in an update to its blog post that state-sponsored hackers from China, Iran, North Korea and Turkey attempted to exploit a flaw in Log4j.

Why is this security flaw so bad?

Experts are particularly concerned about this vulnerability because hackers can easily gain access to a company’s computer server and use it to break into other parts of the network. According to Kennedy, it’s also very difficult to find the vulnerability or to see whether a system has already been compromised.

In addition, a second vulnerability in Log4j’s system was discovered late Tuesday. The Apache Software Foundation, a non-profit organization that developed Log4j and other open source software, has released security patches that organizations can apply.

How are companies tackling this issue?

Last week, Minecraft published a blog post announcing that a vulnerability had been discovered in a version of its game and quickly issued a fix. Other companies are taking similar steps.

IBM, Oracle, AWS, and Cloudflare have all issued advisories to their customers, pushing security updates and outlining possible patch plans.

“This is a very serious bug, but it’s not as easy to patch as a major traditional vulnerability. It takes a lot of time and effort,” says Kennedy.

To help with transparency and reduce false information, CISA said it will open a public website with up-to-date information on software products affected by the vulnerability and how hackers exploited them.

What can you do to protect yourself?

The pressure to act is primarily on companies. For now, people should update their devices, software, and apps whenever companies prompt them to over the next few days or weeks.

What’s next?

The US government has warned affected companies to stay vigilant for ransomware and cyberattacks over the holidays.

There is concern that an increasing number of malicious attackers will exploit this vulnerability in new ways. Large tech companies may have security teams in place to address these potential threats, but many other organizations don’t.

“I’m most concerned about school districts, hospitals, one IT person doing security, and no time, security budgets or tools,” said Katie Nickels, director of intelligence at cybersecurity firm Red Canary. “These are the organizations I’m most worried about — small organizations with low security budgets.”

The-CNN-Wire ™ & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.

Sean Lyngaas contributed to this report.

