The cybersecurity community began to hear about a new computer bug discovered in a popular piece of code on December 9. Nearly every major software company was soon in crisis mode, trying to find out what had happened and how to fix it.

The descriptions security experts used for the vulnerability, found in a very common piece of code called log4j, border on apocalyptic.

Jen Easterly, U.S. Cybersecurity and Infrastructure Security Agency director, stated that the log4j vulnerability was “the most serious vulnerability” in a Thursday interview with CNBC.

Why is this software causing such panic? And should regular computer users be concerned?

Log4j: What is it and where did it come from?

Log4j is a piece of code that allows software applications to keep track of past activities. Developers don’t have to create a new “logging” component every time they build new software. Instead, they can use existing code such as log4j. It is free and widely used on the Internet, appearing in large parts of Internet services.

Each time log4j is asked to log something, it attempts to add a new entry to the record. The cybersecurity community discovered that if log4j was asked to log malicious code, it would execute that code. This allowed bad actors to take control of servers running log4j.

There are varying reports on who raised the concern about the vulnerability. Some claim it was discovered in a Minecraft forum. Others point to an analyst at Chinese tech company Alibaba as the source. Experts say this is the most serious software vulnerability in history, as it exposes a large number of sites, services and devices.

Software bugs are everywhere. This one is different.

Log4j is a very popular piece of software. Imagine what would happen if a common lock that people use to secure their doors was discovered to be ineffective. It is simple to switch one lock for a better one, but it would be a huge task to find all the buildings with that same defective lock.

Log4j is part of the Java programming language, which has been the most fundamental way software is written since the mid-90s. Log4j is found in large swathes of modern computer code. Companies such as Google, Amazon, and Microsoft, which provide the digital backbone to millions of apps, are at risk. Software sellers with millions of users, like Salesforce, Oracle, and IBM, are also at risk, as are devices that connect to the Internet, such as security cameras and TVs. Hackers looking to gain access to digital spaces in order to steal data or install malicious software have an enormous new opportunity. It doesn’t necessarily mean that everything can be hacked. But it makes it much easier, almost as if the locks on half the businesses and homes in a city suddenly stopped working.

Hackers can also gain access to the heart and soul of any system they are trying to hack, bypassing all the security measures software companies put in place to protect against attacks. It’s a nightmare for cybersecurity experts.

How is the tech industry responding to this cybersecurity threat?

Since the vulnerability was discovered, computer programmers and data breach specialists have been hard at work fixing it in any piece of software that they are responsible for. According to one employee, over 500 engineers at Google had gone through reams upon reams of code to ensure that it was secure. This process was repeated at all types of tech companies, creating a whole new breed of memes that feature coders lamenting their miserable week.
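The search those engineers face can be pictured with this added Python example, which is not from the original article: it opens an application archive, descends into the archives packed inside it, and reports every bundled copy of log4j-core. The metadata path, the sample archive names and the version string `0.0.0-sample` are assumptions constructed for the example.

```python
import io
import re
import zipfile

# Assumption (not from the article): Maven-built copies of log4j-core carry
# this metadata file, whose "version=" line names the bundled release.
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVE_EXT = (".jar", ".war", ".ear", ".zip")

def find_log4j(data, label):
    """Return [(location, version)] for each log4j-core copy in archive bytes."""
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits  # not an archive (or corrupt): nothing to report
    with zf:
        for name in zf.namelist():
            if name == POM:
                text = zf.read(name).decode("utf-8", "replace")
                m = re.search(r"^version=(.+)$", text, re.MULTILINE)
                hits.append((label, m.group(1).strip() if m else "unknown"))
            elif name.lower().endswith(ARCHIVE_EXT):
                # Nested archive: open it in memory and keep the path trail.
                hits += find_log4j(zf.read(name), f"{label}!/{name}")
    return hits

def make_zip(entries):
    """Build an in-memory archive from {name: bytes} (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()

# Constructed sample: a web app bundling a placeholder log4j-core build and an
# unrelated library. "0.0.0-sample" is a made-up version string.
LOG4J_JAR = make_zip({POM: b"artifactId=log4j-core\nversion=0.0.0-sample\n"})
OTHER_JAR = make_zip({"com/example/Util.class": b"\xca\xfe\xba\xbe"})
SAMPLE_WAR = make_zip({"WEB-INF/lib/log4j-core.jar": LOG4J_JAR,
                       "WEB-INF/lib/util.jar": OTHER_JAR})

if __name__ == "__main__":
    for location, version in find_log4j(SAMPLE_WAR, "shop.war"):
        print(f"log4j-core {version} found in {location}")
```

Copies that were repackaged without their Maven metadata are not reported by this check, so an empty result does not prove log4j is absent.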

Are hackers already taking advantage of it?

Hackers have been working just as hard as security professionals, trying to exploit log4j before the bug is fixed. Check Point, a cybersecurity software company, stated in a blog that hackers sent out 60 variations of the original exploit within a 24-hour period. It has been used by hackers to gain access to nearly half the corporate networks in the world.

Although the bug has been around for many years, criminal hackers are unlikely to have discovered it before now. Security experts would have noticed it being used previously if they had. That doesn’t necessarily mean that hackers working for governments such as the United States, Russia or Israel haven’t used this bug before.

CISA has given federal civil agencies a December 24 deadline to patch log4j. Even though engineers are working round-the-clock to meet the deadline, hackers could have gained access to hundreds of thousands more sites and services. Sometimes hackers will install malicious code or “backdoors” that remain even after the log4j issue is fixed. Security experts will need to identify and remove these backdoors.

This vulnerability gives ransomware hackers a new way to hack into computer networks and lock out their owners. This type of attack has increased in recent years. Hospitals, local governments, and businesses have all been targeted. Victims are asked to send millions in cryptocurrency to hackers to avoid being locked out of their computers indefinitely or having their sensitive information exposed.

What can we do to help?

Hackers must send malicious code to log4j to take advantage of this vulnerability. Phishing emails, which are messages designed to trick you into opening attachments or clicking on a link, are one way hackers can exploit the vulnerability. Watch out for phishing emails as hackers try to spread bad code as much as possible.

Do not open attachments or links in emails claiming that your account has been compromised. Check that you have an account with the company and that you are expecting mail from them. Next, search online for a customer service number or an address and contact them.

Regular computer users should ensure that the latest versions of all apps are installed. Developers will soon release patches to fix log4j issues. It is important that you download those patches quickly.

SpartanTec, Inc. can help you and your employees stay safe by providing network monitoring, employee training and patch updates.
