Chinese hackers have developed fully weaponized software that has started causing chaos on the web. Security professionals worldwide have been trying to fix one of the worst computer exposures that has been discovered in decades, affecting millions of servers.
It was discovered earlier this month in a piece of software called Log4j. This software allows applications to interact with one another through various computer networks. By exploiting the vulnerability, dubbed Log4Shell, the hackers are capable of taking control of the servers that run the network, using them for their own gain.
This means that they can steal the data that are housed on those servers, including medical records, photos and individual bank account details. They can also lock up servers belonging to organisations in a ransomware attack.
Log4Shell is considered a zero-day vulnerability because malicious actors likely knew about it and exploited it before the experts did.
Prevention Better Than Cure
While firewalls and VPNs are most likely already working to protect their customers' online security in the short term, programmers have been struggling to find a way to fix this bug affecting millions of servers in the long term. Security experts have suggested that all Log4j users should immediately look to upgrade to Log4j-2.15.0-rc2 to prevent further hacking.
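Acting on the upgrade advice above starts with knowing where Log4j is deployed. The following Python script is an added example, not part of the original article: it inventories Log4j JARs under a directory and flags any older than 2.15.0, the release named above. It assumes the standard `log4j-core-<version>.jar` file naming; the function names are illustrative.

```python
import re
import sys
import zipfile
from pathlib import Path

# Minimum version taken from the article's recommendation (Log4j 2.15.0).
MIN_SAFE = (2, 15, 0)
# Assumption: standard Maven artifact naming, e.g. log4j-core-2.14.1.jar
JAR_NAME = re.compile(r"log4j-core-(\d+)\.(\d+)(?:\.(\d+))?[^/\\]*\.jar$")
ARCHIVE_SUFFIXES = {".jar", ".war", ".ear"}


def parse_version(name):
    """Return (major, minor, patch) if name is a log4j-core JAR, else None."""
    m = JAR_NAME.search(name)
    return tuple(int(g or 0) for g in m.groups()) if m else None


def scan(root):
    """Walk root and return sorted (location, version, needs_upgrade) tuples.

    Checks JAR file names on disk and entries bundled inside
    .jar/.war/.ear archives (one level of nesting, e.g. WEB-INF/lib).
    """
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.suffix.lower() not in ARCHIVE_SUFFIXES:
            continue
        version = parse_version(path.name)
        if version:
            findings.append((str(path), version, version < MIN_SAFE))
        try:
            with zipfile.ZipFile(path) as archive:
                for entry in archive.namelist():
                    inner = parse_version(entry)
                    if inner:
                        findings.append((f"{path}!{entry}", inner, inner < MIN_SAFE))
        except (zipfile.BadZipFile, OSError):
            continue  # not a readable archive; its file name was already checked
    return sorted(findings)


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for location, version, needs_upgrade in scan(target):
        status = "UPGRADE" if needs_upgrade else "ok"
        print(f"{status:8} {'.'.join(map(str, version))}  {location}")
```

File-name matching will miss copies of the library that were renamed or repackaged into a single application JAR, so treat a clean result as a starting point for the inventory rather than proof of absence.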
Attempted Attacks Increase
Since news of the vulnerability spread, the number of cybercriminals utilising this bug has increased dramatically. Hackers all around the world are using this tool and taking advantage of the terrible situation for their own gain. A summary of recent activity can be seen here:
- 10 December – 1,000 attempted attacks were made
- 11 December – 40,000 attempted attacks were made
- After 24 hours, almost 200,000 attacks were conducted across the globe
- 72 hours after the outbreak, over 800,000 attempted attacks were made
To find out how your organisation can protect itself in the long term, contact Agilient.
Author: Mahdi Kobeissi, Cyber Security Consultant