Software security vulnerabilities in widely used computer networks have been compared to “cyber pandemics” by security analysts and governments.
The security flaw, called Log4Shell and described as a “zero-day vulnerability”, affects Apache software used in tens of thousands of computer networks around the world.
Last week’s discovery of the vulnerability set off an international scramble to patch holes to prevent hackers from stealing valuable sensitive information.
“Obviously, this vulnerability poses a serious risk,” said Jen Easterly, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).
“We minimize the potential impact only through collaborative efforts between the government and the private sector. We strongly encourage all organizations to participate in this important effort and take action,” she said in a statement on Saturday.
Other cybersecurity experts call Log4Shell the most serious software vulnerability in history.
Security company Check Point Research calls this vulnerability a “true cyber pandemic.” According to the company, hackers exploiting the flaw had carried out more than 800,000 network intrusions by December 11, two days after the software problem was revealed.
The affected Apache software is very widely used in a variety of consumer and enterprise services, websites and applications, along with operational technology products. The software is used to monitor security and performance information, and the flaw allows hackers to take control of affected systems, steal information, or install other malicious software.
CISA has not identified the attackers exploiting this vulnerability. CISA Director Easterly said only that the flaw is “widely exploited by an ever-growing number of threat actors.”
The discovery was initially suspected to involve Chinese hackers.
However, security company McAfee said the flaw was first discovered by Chen Zhaojun of China’s Alibaba Cloud Security Team on November 24th.
Other security experts who suspect China is behind the attacks say Beijing may have preemptively disclosed the flaw to protect other zero-day vulnerabilities or to deflect allegations of exploiting the flaw. China is known for running formidable military cyber operations, including the use of numerous researchers who study software for zero-day flaws.
According to security companies Cloudflare and Cisco Talos, the first attacks exploiting this hole began on December 1 and December 2.
Apache has released a software patch for Log4Shell that is said to mitigate the flaw. However, systems that use the software remain vulnerable to cyberattacks until all versions of the software are patched.
“Given the seriousness of the vulnerability and the potential for increased exploitation by advanced cyber threat actors, CISA encourages vendors and users to patch,” the agency said in a statement.
A spokesman for Amazon Web Services described the vulnerability as “serious.”
Cyber news outlet The Record reported that most attacks exploiting Log4Shell are linked to professional crypto-mining and denial-of-service botnets such as Mirai, Muhstik, and Kinsing. These hackers are usually among the first to exploit a newly found software bug.
According to the report, exploitation by state-sponsored hackers and cyber-espionage groups has not yet been observed. However, Microsoft said in a recent blog post that cyber investigators have begun to see tactics used by state-backed hackers trying to backdoor targeted software.
Similarly widespread software flaws were last discovered in 2014, including a vulnerability called Heartbleed that affects OpenSSL security software.
Security analysts said the incident did not appear to raise security awareness to protect against hackers.
Software flaws raise concerns about a “cyber pandemic”