trending:

sponsored:

Just In...

View all Load more
Cybersecurity

Officials, experts sound the alarm about critical cyber vulnerability

by Maggie Miller - 12/10/21 4:58 PM ET
by Maggie Miller - 12/10/21 4:58 PM ET

Officials and cyber experts on Friday sounded the alarm about a critical logging vulnerability that could potentially impact thousands of organizations, racing to implement patches before hackers can exploit the opening.

The vulnerability in an Apache logging framework, known as “Log4j,” that could allow hackers to obtain access to targeted systems remotely sent experts running to update systems. Apache put out a security advisory warning of the threat and recommending steps to help organizations protect themselves. 

“It does feel like the internet is on fire today, anyone and everyone who is involved in the world of internet security is digging in right now trying to understand the implications of this new vulnerability,” Joe Sullivan, the chief security officer at Cloudflare, a website infrastructure and security company, told The Hill in an interview Friday. 

The vulnerability was already seen Friday to have far-reaching implications.

The online game Minecraft, which is owned by Microsoft, announced that its Java Edition was vulnerable to exploitation and recommended immediate steps users should take to address security concerns.

Researchers at data security platform LunaSec found evidence that Steam and Apple’s iCloud were also impacted, while Palo Alto Networks noted in a blog post that Twitter, Amazon and Chinese web giant Baidu were also reportedly being attacked. 

The Cybersecurity and Infrastructure Security Agency (CISA) put out an alert telling impacted organizations to “immediately” implement mitigations to protect against the vulnerability.

“A remote attacker could exploit this vulnerability to take control of an affected system,” the CISA alert read. “Log4j is an open-source, Java-based logging utility widely used by enterprise applications and cloud services.”

Both Austria‘s and New Zealand’s computer emergency readiness teams also put out alerts around the Log4j vulnerability, with the New Zealand team warning the vulnerability was being “actively exploited.”

“Reports from online users show that this is being actively exploited in the wild and that proof-of-concept code has been published,” the New Zealand agency wrote

Sullivan noted that the vulnerability allowed for “remote code execution” by malicious actors looking to gain access to other systems, and that it was potentially the “biggest” vulnerability yet given that the Log4j software is widely used. 

“It’s a foundational vulnerability in a significant piece of software that resides within a lot of other bigger pieces of software,” Sullivan said. “It’s like a particular type of tire is vulnerable to losing air very quickly, and it’s not just going to be one car manufacturer that has that tire, it’s going to be everywhere that that tire exists in the world, you need to go fix it.”

Rob Joyce, the director of cybersecurity at the National Security Agency (NSA), tweeted Friday that “the log4j vulnerability is a significant threat for exploitation due to the widespread inclusion in software frameworks, even NSA’s GHIDRA,” a software program used for reverse engineering.

The number of malicious actors attempting to exploit the vulnerability surged on Friday, with Sullivan telling The Hill that Cloudflare had seen a “spike over the last 6-10 hours.”

The exploitation of the vulnerability comes after a difficult year in cybersecurity.

Late last year, Russian government-linked hackers were discovered to be using a vulnerability in software from SolarWinds to compromise at least nine federal agencies and 100 private sector groups. The U.S. and its allies earlier this year formally blamed hackers linked to the Chinese government for exploiting vulnerabilities in Microsoft’s Exchange Server to potentially compromise thousands of organizations. 

Sullivan stressed Friday that companies should pay attention to patching against the Log4j vulnerability.

“The reality is that almost every company that runs software that faces the internet needs to do diligence to make sure they’re secure, this is as big as it gets,” Sullivan said. “It doesn’t mean that everybody is exploitable, it means that everybody needs to make sure that they are not, so it means that every single security team at every single company is looking at this now.”

Tags Amazon Apple Baidu CISA Cloudflare cyberattacks ICloud Joe Sullivan Microsoft NSA Twitter

Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

More Cybersecurity News

See All

See All

Video/Hill.TV

See all Hill.TV

See all Video

See all Hill.TV See all Video

Top Stories

See All

See All

Most Popular

  1. Texas Gov. Abbott faces backlash after mass arrest at UT Austin pro-Palestine ...
  2. Supreme Court debates whether coup, assassination would be official acts: Live ...
  3. FTC votes to ban noncompete agreements
  4. Female Supreme Court justices push back most strongly on Idaho abortion ban
  5. Conservatives aim their fire at Texas Republican after ‘scumbags’ comment
  6. GOP critics vow no more US aid for Ukraine
  7. Nationwide health alert issued for ground beef over potential E. coli risk
  8. Southwest closing operations at 4 airports
  9. Secret Service agent removed from Harris’s security detail after ...
  10. Trump lawyer on hush money case: ‘I don’t have hopes really that high’
  11. Biden gains on Trump in series of polls
  12. The cost of buying a home has hit an all-time high
  13. Trump tops Biden by 2 points in new Florida poll
  14. Justice Jackson suggests Trump claims risk turning Oval Office into ‘seat of ...
  15. Sanders launches investigation into ‘unacceptable’ diabetes, weight loss ...
  16. FCC votes to restore net neutrality rules
  17. Ty Cobb responds to Giuliani indictment, says he ‘sold his soul’ for Trump
  18. Trump mocks Barr after endorsement, says he will remove ‘lethargic’ label
Load more