Department of Homeland Security Warns of Critical Flaws in Widely Used Software

This is trouble. Hackers have gained the ability to exploit a vulnerability in software embedded in systems used by organizations.

Jen Easterly, a top official of the Department of Homeland Security, has warned of this vulnerability. Government and private-sector organizations must address this flaw quickly to avoid intrusion into their networks.

Apache Log4j

The vulnerable software is called Apache Log4j, a Java-based logging framework. Log4j includes a component that uses the Java Naming and Directory Interface (JNDI).

JNDI is used to discover and look up data and resources by name. It works primarily by connecting a Java application to an external directory service, such as an address database, and it also allows a Java servlet to look up configuration information provided by the hosting web container.


The Vulnerability Explained

The vulnerability in Log4j is rooted in JNDI, and it allows remote code execution through Log4j. Hackers can remotely look up data and resources and even gain access to the services connected to JNDI. Access through Log4j can lead to access to the whole organization. Many organizations' servers run Apache Log4j.

On November 4, 2021, Alibaba discovered this vulnerability and reported it to Apache. Apache began working on a fix, which it released on December 6, 2021, 3 days before the news broke on Twitter in December. The fix is already available in a new version of Log4j, version 2.15.0-rc1.

Problem Escalation

Software that can be used to exploit this vulnerability was released on GitHub. This made the matter far more serious and urgent.

Hackers have software they can use to exploit this vulnerability, but Apache has already blocked this access in an upgrade that IT administrators and managers in organizations need to apply as quickly as possible on all their servers.

The World in Trouble

The problem was so serious that the Apache Software Foundation assigned it the maximum severity rating of 10. Cyber security firm Tenable called it the biggest, most critical vulnerability of the last decade.

Germany’s Federal Office for Information Security (BSI) called it an extremely critical threat situation. The Canadian Centre for Cyber Security also called for immediate action by organizations.

Major services affected include Cloudflare, iCloud, Minecraft: Java Edition, Steam, Tencent QQ, and Twitter. There is no limit to those affected, because this is a server-side problem and most companies run on servers that have Apache’s framework on them.

GreyNoise Intelligence, a firm that maps internet traffic, said that between Friday and Saturday the number of devices trying to exploit the vulnerability had more than doubled.

The Solution is Here

The vulnerability can offer a hacker a relatively easy way to access an organization’s computer server. From there, an attacker could devise other ways to access systems on an organization’s network.


Apache has already blocked this vulnerability. This is an urgent situation, and server administrators in organizations only need to update to Log4j version 2.15.0-rc1, which blocks hackers' access to JNDI.
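Before updating, administrators need to know where Log4j is installed. The script below is an added example, not part of the original article or of Apache's tooling: it walks a directory tree and reports Log4j jars older than the 2.15.0 release named above, including copies bundled inside jar/war/ear archives. It assumes Log4j 2 is deployed under the Maven-style file name `log4j-core-<version>.jar`; the function names and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile
import zipfile

# Assumption: Log4j 2 is deployed as Maven-style files named log4j-core-<version>.jar.
JAR_RE = re.compile(r"^log4j-core-(\d+)\.(\d+)(?:\.(\d+))?(?:-[\w.]+)?\.jar$")
FIXED = (2, 15, 0)  # release line the article names as the fix (2.15.0-rc1)

def needs_update(filename):
    """True when filename is a log4j-core jar older than 2.15.0."""
    m = JAR_RE.match(filename)
    if not m:
        return False
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)) < FIXED

def bundled_hits(archive_path):
    """Outdated log4j-core jars packed inside a jar/war/ear, one level deep."""
    try:
        with zipfile.ZipFile(archive_path) as zf:
            return [n for n in zf.namelist() if needs_update(os.path.basename(n))]
    except (zipfile.BadZipFile, OSError):
        return []  # unreadable or not a real archive: nothing to report

def scan(root):
    """Walk root; return sorted paths of log4j-core jars that need updating."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if needs_update(name):
                hits.append(path)
            elif name.lower().endswith((".jar", ".war", ".ear")):
                hits += [f"{path}!{inner}" for inner in bundled_hits(path)]
    return sorted(hits)

def demo():
    """Scan a constructed sample tree; hits are returned relative to its root."""
    with tempfile.TemporaryDirectory() as root:
        lib = os.path.join(root, "app", "lib")
        os.makedirs(lib)
        for name in ("log4j-core-2.14.1.jar", "log4j-core-2.15.0.jar"):
            open(os.path.join(lib, name), "wb").close()
        with zipfile.ZipFile(os.path.join(root, "shop.war"), "w") as zf:
            zf.writestr("WEB-INF/lib/log4j-core-2.11.2.jar", b"")
        return [os.path.relpath(h, root) for h in scan(root)]

if __name__ == "__main__":
    print(demo())
```

Run `scan()` against each server's application and library directories; any path it returns is a copy that still needs the update.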

For those using shared hosting, I believe that internet hosting companies have the responsibility to fix this and protect their clients since they are the owners of their servers.
