The Wall Street Publication
© 2024 The Wall Street Publication. All Rights Reserved.

What Is the Log4j Vulnerability? What to Know.

Editorial Board Published December 21, 2021

A flaw in widely used internet software known as Log4j has left companies and government officials scrambling to respond to a glaring cybersecurity threat to global computer networks.

Contents
  • What is Log4j?
  • How can hackers take advantage of Log4j’s vulnerability?
  • Are foreign governments taking advantage of the flaw?
  • How is the U.S. government responding?
  • How is Europe responding?
  • How widespread is the Log4j flaw?
  • Which technology suppliers are affected by the Log4j vulnerability?
  • How can companies fix the Log4j problem?

The bug could enable potentially devastating cyberattacks that span economic sectors and international borders, according to security experts.

U.S. officials said hundreds of millions of devices were at risk and issued an emergency directive ordering federal agencies to take steps to mitigate the threat by Christmas Eve. Researchers and major technology companies warned that hackers linked to foreign governments and criminal ransomware groups were probing how to exploit the vulnerability within targets’ computer systems.

The U.K.’s National Cyber Security Centre warned corporate boards that “the situation is fluid and changing regularly,” and provided guidance for overseeing company risk and response to Log4j.

What is Log4j?

Software developers use the Log4j framework to record user activity and the behavior of applications. Distributed free by the nonprofit Apache Software Foundation, Log4j has been downloaded millions of times and is among the most widely used tools to collect information across corporate computer networks, websites and applications. The software is maintained by Apache volunteers who have so far released three security updates. An Apache spokeswoman said the way Log4j is inserted into different pieces of software makes it impossible to track the tool’s reach.

How can hackers take advantage of Log4j’s vulnerability?

The Log4j flaw allows attackers to execute code remotely on a target computer, which could let them steal data, install malware or take control. Exploits discovered recently include hacking systems to mine cryptocurrency. Other hackers have built malware to hijack computers for large-scale assaults on internet infrastructure, cyber researchers have found.

The vulnerability might give hackers enough of a foothold within a system to install ransomware, a type of computer virus that locks up data and systems until the attackers are paid by victims. Security company F-Secure Oyj said its analysts have observed some ransomware variants being deployed via the Log4j flaw, along with malware that is often deployed as a precursor to a ransomware strike.

“To be clear, this vulnerability poses a severe risk,” said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency. Internet-facing systems as well as back-end systems could contain the vulnerability.

Are foreign governments taking advantage of the flaw?

Security company Mandiant Inc. and Microsoft Corp. said they have traced attempted attacks that exploit the flaw to hackers with suspected links to China and Iran. Microsoft said one of the groups is the same one responsible for a hack of its Exchange Server email product earlier this year, which the U.S. attributed to China. Beijing denies involvement in the attack.

Microsoft said that it has also seen nation-backed hackers from North Korea and Turkey attempting to exploit Log4j.

Cybersecurity company SecurityScorecard Inc. said it has observed scans for the vulnerability linked to Russia-based hackers, including the group blamed for hacking the Democratic National Committee in 2016.

How is the U.S. government responding?

Officials say they have been in frequent contact with cybersecurity companies, cloud-service providers and telecommunications businesses to share information about the threat. The Biden administration ordered federal agencies to locate internet-connected software that uses Log4j and immediately update those tools, bolster their security measures or take them offline.

Eric Goldstein, executive assistant director of the Cybersecurity and Infrastructure Security Agency, said he wasn’t aware of any agency being breached using the Log4j flaw.

“But certainly we are deeply concerned about the prospect of adversaries using this vulnerability to cause real harm and even impacting national-critical functions,” he said.

CISA’s information page offers recommendations.

How is Europe responding?

Belgium’s Defense Ministry said it shut down parts of its computer network because attackers triggered the vulnerability.

Cybersecurity response teams for the 27 European Union countries are monitoring Log4j developments. Experts in national units across Europe are constantly exchanging technical information about what they see, said Gorazd Bozic, the chair of the network of incident response units from EU countries.

The network could move into a higher emergency-level status if a serious exploit occurs in Europe, Mr. Bozic said. So far, analysts have seen low-sophistication attempts to exploit Log4j, such as attackers seeking to install software for mining cryptocurrency, he said.

Belgium’s Centre for Cyber Security has been in contact with local companies after issuing a report on how to identify whether the vulnerability is being compromised, said Kevin Holvoet, a cyber threat intelligence analyst at the agency. Analysts have seen continuing scanning attempts to trigger the bug as well as reconnaissance efforts, he said.

The U.K.’s National Cyber Security Centre published steps to help companies identify the vulnerability in their IT infrastructure. The Dutch National Cyber Security Centre is maintaining a list of software that is and isn’t affected by the vulnerability.

In Romania, the National Cyber Security Directorate sent individual alerts to companies and critical infrastructure operators, said Dan Cimpean, the organization’s director. Mr. Cimpean said he has seen no sign of a serious incident in Romania. If a Romanian company is compromised, cyber experts from the agency could help, he said. “We have tools to escalate a very fast response if needed,” he said.

How widespread is the Log4j flaw?

Cybersecurity company Akamai Technologies Inc. has tracked 10 million attempts to exploit the Log4j vulnerability per hour in the U.S. Hackers are using the vulnerability to target the retail sector more than any other, Akamai said. The technology, financial-services and manufacturing industries have also been frequent targets.

Which technology suppliers are affected by the Log4j vulnerability?

Many, and the list is growing. Among them are Apple Inc., Amazon.com Inc., Cloudflare Inc., IBM, Microsoft’s Minecraft, Palo Alto Networks Inc. and Twitter Inc. Several technology companies have issued alerts and guidance to customers about how to decrease their risk.

How can companies fix the Log4j problem?

CISA suggests immediately identifying internet-facing devices that have Log4j and ensuring your security team responds to alerts related to these devices. Also, install a web application firewall with rules that automatically update so that your team can concentrate on fewer alerts.

Microsoft recommended a series of steps to mitigate the risk of exploitation, including contacting your software application providers to be sure they are using the most up-to-date version of the Java programming language, which would include patches.

In lieu of available patches, Teresa Walsh, global head of intelligence at the Financial Services Information Sharing and Analysis Center, recommends that companies limit unnecessary outbound internet traffic, which would go some way to protecting vulnerable systems.

“Firms can reduce their risk by reducing their exposure,” she said.

Write to David Uberti at david.uberti@wsj.com, James Rundle at james.rundle@wsj.com and Catherine Stupp at Catherine.Stupp@wsj.com

Copyright ©2021 Dow Jones & Company, Inc. All Rights Reserved.
