What is “Log4Shell”, the computer security flaw that shook the web?

Cybersecurity experts have just uncovered a security flaw that has caused an uproar on the web. Called “Log4Shell”, this vulnerability makes it much easier to take control of affected machines.

The bug of the year 2022, after the Year 2000 bug? Recently, cybersecurity experts have discovered a security flaw that is causing a ruckus on the web. Called “Log4Shell”, it is related to Log4j, a widely used tool in web applications and services.

It was Chen Zhaojun, an expert from Chinese distribution company Alibaba, who first sounded the alarm on November 24. Relatively “easy” to exploit, the flaw can lead to complete control of the affected servers. Flaws are rated from 0 to 10 according to their severity, and “Log4Shell” is rated 10.

Ubiquitous software

The flaw is in Log4j, a set of utility functions primarily used to ensure that software is working properly. “Log4j is a module used by the famous Java computer programming language, available for free on the GitHub site, thanks to some volunteers who have been updating it regularly since the early 2000s”, Pablo Malle explains on the Usbek & Rica website. Being open source, it is ubiquitous in a large number of software applications and services around the world, including Twitter, Amazon, Microsoft and Minecraft.

In some versions of Log4j, the flaw makes it much easier to take control of the machine that hosts it. “A first-year computer science student who has the basic tools to develop a website is able to exploit this flaw,” said Loic Guejo, general secretary of Clusif, a French association of cybersecurity experts. So much so that hackers managed to break into the Belgian Defense Ministry during the night of Sunday 19 December to Monday 20 December. Some Canadian government sites also had to be closed for security reasons. In Germany, Bosch also admitted to being affected.

40% of global networks may have suffered an exploitation attempt

The US Cybersecurity and Infrastructure Security Agency (CISA) expects the flaw to be “widely exploited” by malicious actors and says that “hundreds of millions” of devices could be affected.

On 16 December, it was the turn of the National Information Systems Security Agency (ANSSI) to raise the alert. The agency reported that the “Log4Shell” flaw was “now actively exploited by attackers in a malicious manner”. Unfortunately, these fears are well founded. According to cybersecurity specialist Check Point, 40% of global networks suffered an exploit attempt last week.

According to cybersecurity experts, some hackers even use this flaw to install “cryptominers”, software used to obtain cryptocurrencies. “Botnets”, vast networks of infected machines that can be used to carry out attacks, also use the Log4j flaw to infect new machines, explains Le Monde.

Latest information

In two weeks, the Apache Foundation had to publish three patches to fix the flaw. Companies and administrations need to update the tools they use to ensure the security of their systems… but this process can take time. ANSSI therefore recommends that they carry out inventory work to measure their systems’ vulnerability and calls for “immediate” security updates.

Among other advice from the agency: follow the recommendations of the CERT-FR alert bulletin, turn to software publishers in case of doubt about the presence of the “Log4Shell” flaw, and make up-to-date backups and keep them offline to guard against a possible ransomware attack, explains Les Numériques.

About the author: Seth Grace