Vulnerability in Widely Used Logging System Could Be Behind Recent Cyber Attacks
The vulnerability, if exploited, allows remote code execution on critical servers used across the internet.
Days before Prime Minister Narendra Modi’s Twitter account was “briefly compromised,” a vulnerability called the Log4Shell, which has put millions of devices at risk of being compromised or hacked, had been identified.
The vulnerability, if exploited, allows remote code execution on critical servers, which means that a malware could be imported by an attacker.
The vulnerability, found in Log4j, has security teams in some of the world’s biggest technology companies, including Microsoft, Amazon, Twitter, Cisco and IBM, scrambling for a solution.
Log4j is an open-source logging library used by apps and services across the internet.
What Does Log4J Do?
Applications keep an active list of tasks being performed which are available for review in case of an error. This process is called logging.
Almost all network security systems run some kind of logging process, giving libraries such as the log4j a vast reach.
What's the Risk?
Unless the vulnerability is fixed, it grants easy access to internal networks where cyber criminals can loot valuable data, plant malware, and erase crucial information.
Marcus Hutchins, a security researcher known for stopping the global WannaCry malware attack, had said in a tweet on 10 December, “This log4j (CVE-2021-44228) vulnerability is extremely bad. Millions of applications use Log4j for logging, and all the attacker needs to do is get the app to log a special string. So far iCloud, Steam, and Minecraft have all been confirmed vulnerable.”
Joe Sullivan, chief security officer for Cloudflare, was quoted as saying, “I’d be hard-pressed to think of a company that’s not at risk", The Guardian reported.
Moreover, millions of servers have the log4j installed and as per experts the result of this vulnerability would not be known for several days to come.
An Explanation for Spree of Recent Cyber Attacks?
Several cyber-attacks have taken place in the past few days. Attackers hacked Prime Minister Narendra Modi’s Twitter account and tweeted that 'Bitcoin was legal tender in India.'
Recently, Brazil's Health Ministry saw 50 TB of vaccination data deleted in a ransomware attack. While the BDO Unibank in the Philippines saw money transferred out of accounts in a sophisticated hack.
However, it is unclear at this stage whether these hacks exploited the same vulnerability.
Subscribe To Our Daily Newsletter And Get News Delivered Straight To Your Inbox.