This website collects cookies to deliver better user experience. Cookie Policy
Accept
Sign In
The Wall Street Publication
  • Home
  • Trending
  • U.S
  • World
  • Politics
  • Business
    • Business
    • Economy
    • Real Estate
    • Markets
    • Personal Finance
  • Tech
  • Lifestyle
    • Lifestyle
    • Style
    • Arts
  • Health
  • Sports
  • Entertainment
Reading: Hackers Backed by China Seen Exploiting Security Flaw in Internet Software
Share
The Wall Street PublicationThe Wall Street Publication
Font ResizerAa
Search
  • Home
  • Trending
  • U.S
  • World
  • Politics
  • Business
    • Business
    • Economy
    • Real Estate
    • Markets
    • Personal Finance
  • Tech
  • Lifestyle
    • Lifestyle
    • Style
    • Arts
  • Health
  • Sports
  • Entertainment
Have an existing account? Sign In
Follow US
© 2024 The Wall Street Publication. All Rights Reserved.
The Wall Street Publication > Blog > Tech > Hackers Backed by China Seen Exploiting Security Flaw in Internet Software
Tech

Hackers Backed by China Seen Exploiting Security Flaw in Internet Software

Editorial Board Published December 15, 2021
Share
Hackers Backed by China Seen Exploiting Security Flaw in Internet Software
SHARE

Hackers linked to China and other governments are among a growing assortment of cyberattackers seeking to exploit a widespread and severe vulnerability in computer server software, according to cybersecurity firms and Microsoft Corp. MSFT 1.92%

The involvement of hackers whom analysts have linked to nation-states underscored the increasing gravity of the flaw in Log4j software, a free bit of code that logs activity in computer networks and applications.

Cybersecurity researchers say it is one of the most dire cybersecurity threats to emerge in years and could enable devastating attacks, including ransomware, in both the immediate and distant future. Government-sponsored hackers are often among the best-resourced and most capable, analysts say.

“The effects of this vulnerability will reverberate for months to come—maybe even years—as we try to close these doors and try to hunt down all the actors who made their way in,” said John Hultquist, vice president of intelligence analysis at the U.S.-based cybersecurity firm Mandiant Inc. MNDT -2.21%

Both Microsoft and Mandiant said they have observed hacking groups linked to China and Iran launching attacks that exploit the flaw in Log4j. In an update to its website posted late Tuesday, Microsoft said that it had also seen nation-backed hackers from North Korea and Turkey using the attack. Some attackers appear to be experimenting with the attack; others are trying to use it to break into online targets, Microsoft said.

One of the groups exploiting the security hole in Log4j is the same China-backed group that was linked to a widespread attack on Microsoft Exchange servers earlier this year, Microsoft said. In July, the Biden administration blamed China for the Microsoft Exchange attack and said it had high confidence hackers tied to the Ministry of State Security were behind it. Dozens of other countries also blamed Beijing, which has denied involvement in the hacking.

Ransomware attacks are increasing in frequency, victim losses are skyrocketing, and hackers are shifting their targets. WSJ’s Dustin Volz explains why these attacks are on the rise and what the U.S. can do to fight them. Photo illustration: Laura Kammermann

A spokesman for the Chinese Embassy in Washington said Wednesday that Beijing opposes “cyberattacks of any kind” and highlighted that the Log4j vulnerability was first reported by a security team in China.

Security researchers have seen no signs to date, however, that China or another nation-state hacking group is attempting widespread exploitation of the Log4j issue on the same scale as the Microsoft Exchange attacks, which infected hundreds of thousands of servers across the globe.

U.S. officials this week said it was inevitable that adversarial governments would seek to exploit the security hole, but said that they hadn’t yet identified specific foreign groups acting on it. The U.S. government is often slower to formally attribute cyberattacks to foreign governments than companies like Mandiant and Microsoft.

Many other hackers are trying to break into systems that are vulnerable to the bug to probe for vulnerable servers or install cryptocurrency mining software, botnet code and other forms of malicious software, security researchers said.

Ransomware groups are also using the attack, raising fears of more disruptive cyberattacks ahead, according to researchers. An Iran-backed hacking group has been “deploying ransomware, acquiring and making modifications of the Log4j exploit,” Microsoft said. The company also has seen the attack used by “access brokers”—hackers who break into companies and then sell that access to other criminals who then install ransomware, a kind of code that locks up a victim’s files and demands payment for their release.

By Tuesday evening, the cybersecurity firm Check Point Software Technologies Ltd. had counted close to 600,000 attempts to exploit the Log4j bug by malicious cybercriminals. About 44% of corporate networks world-wide had been hit by these attempts, the company said.

“We have seen a wide range of threat activity. It has largely been low-level activity such as cryptominers, but we do expect that adversaries of all sorts will use this vulnerability to achieve their strategic goals,” said Eric Goldstein, the executive assistant director of the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security.

To date, CISA is unaware of a federal agency being breached by hackers leveraging the Log4j flaw, Mr. Goldstein told reporters Tuesday evening. The agency has given federal agencies a deadline of Dec. 24 to patch software to address the Log4j threat.

Researchers find the Log4j flaw particularly worrying because the free Java-based software is used in a broad range of products. It can be found in everything from security software to networking tools to videogame servers. The exact number of users of Log4j is impossible to know, but the software has been downloaded millions of times, according to the organization that builds it, the Apache Software Foundation.

The attack works reliably and is trivial to exploit, security researchers say. Although downloadable patches have already been made available, experts and U.S. officials said they expected the flaw to remain a problem for the long haul because some organizations will be slow to update their systems or might neglect to do so entirely.

“It’s a surprise it’s not more widespread,” said Adam Meyers, senior vice president of intelligence with CrowdStrike, a U.S.-based cybersecurity firm, which said they had detected Iranian actors leveraging the Log4j flaw. “The question that everyone is asking is, ‘What aren’t we seeing?’”

Corrections & Amplifications
In an update to its website posted late Tuesday, Microsoft said that it had also seen nation-backed hackers from North Korea and Turkey using the attack. An earlier version of this article misstated the day that Microsoft updated its website. (Corrected on Dec. 15, 2021.)

Write to Robert McMillan at [email protected] and Dustin Volz at [email protected]

Copyright ©2021 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

TAGGED:Tech NewsWall Street Publication
Share This Article
Twitter Email Copy Link Print
Previous Article Apple Delays Return to Office, Closes Three Stores as Covid Cases Rise Apple Delays Return to Office, Closes Three Stores as Covid Cases Rise
Next Article SEC Aims to Shore Up Money Markets, Curb Insider Trading SEC Aims to Shore Up Money Markets, Curb Insider Trading

Editor's Pick

New Council of Financial Advisors report finds tariffs not inflicting inflation

New Council of Financial Advisors report finds tariffs not inflicting inflation

Former Trump administration head of financial coverage Tomas Philipson discusses President Trump’s commerce talks with South Korea and Japan, present…

By Editorial Board 4 Min Read
NBA Summer time League takeaways: Warriors rookie Will Richard makes debut vs. Spurs
NBA Summer time League takeaways: Warriors rookie Will Richard makes debut vs. Spurs

Richard makes debut SAN FRANCISCO – The Warriors‘ acquisition of their three…

5 Min Read
Moriah Plath Reveals Complete Hair Loss Attributable to Alopecia
Moriah Plath Reveals Complete Hair Loss Attributable to Alopecia

Studying Time: 3 minutes Moriah Plath is clearing the air, as a…

5 Min Read

Oponion

American customers see tariff surcharges on their receipts amid commerce struggle

American customers see tariff surcharges on their receipts amid commerce struggle

O’Leary Ventures chairman Kevin O’Leary explains how america can repair…

April 12, 2025

10 Well being Advantages of Soybean for Weight Loss

Be taught the highest 10 well…

November 29, 2024

iOS 15 Is Here: The iPhone Software Update’s Small Tricks Make Big Difference

Resume Subscription We are delighted that…

September 20, 2021

Drake Bell & Josh Peck Reunite, Focus on ‘Quiet on Set’ Revelations

Studying Time: 3 minutes Drake Bell…

March 24, 2025

China’s Covid-19 Dilemma Deepens

The hypercontagious Omicron Covid-19 variant has…

January 10, 2022

You Might Also Like

Banish Boredom With These Prime Day Board Recreation Offers
Tech

Banish Boredom With These Prime Day Board Recreation Offers

With summer time holidays nonetheless stretching off into the space, making the most of Prime Day board sport offers or…

13 Min Read
You Don’t Want an iPad, however Do You Need One? Then These Prime Day Apple Offers Are for You
Tech

You Don’t Want an iPad, however Do You Need One? Then These Prime Day Apple Offers Are for You

When you've got one Apple product, you normally have all of them—whether or not that is AirPods, an iPhone, an…

15 Min Read
I Discovered the Finest Magnificence Offers on Amazon Prime Day 2025
Tech

I Discovered the Finest Magnificence Offers on Amazon Prime Day 2025

Amazon Prime Day runs from July 8 to 11, and it’s a feeding frenzy for magnificence steals, so I’m right…

15 Min Read
My Job Is to Work Out. These Are the Health Trackers I’d Purchase on Prime Day
Tech

My Job Is to Work Out. These Are the Health Trackers I’d Purchase on Prime Day

Within the northern hemisphere, it is arduous to not spend the winter in a state of slumbering sloth, simply ready…

14 Min Read
The Wall Street Publication

About Us

The Wall Street Publication, a distinguished part of the Enspirers News Group, stands as a beacon of excellence in journalism. Committed to delivering unfiltered global news, we pride ourselves on our trusted coverage of Politics, Business, Technology, and more.

Company

  • About Us
  • Newsroom Policies & Standards
  • Diversity & Inclusion
  • Careers
  • Media & Community Relations
  • WP Creative Group
  • Accessibility Statement

Contact

  • Contact Us
  • Contact Customer Care
  • Advertise
  • Licensing & Syndication
  • Request a Correction
  • Contact the Newsroom
  • Send a News Tip
  • Report a Vulnerability

Term of Use

  • Digital Products Terms of Sale
  • Terms of Service
  • Privacy Policy
  • Cookie Settings
  • Submissions & Discussion Policy
  • RSS Terms of Service
  • Ad Choices

© 2024 The Wall Street Publication. All Rights Reserved.

Welcome Back!

Sign in to your account

Lost your password?