{"id":214464,"date":"2021-12-17T10:50:58","date_gmt":"2021-12-17T02:50:58","guid":{"rendered":"https:\/\/techwireasia.com\/?p=214464"},"modified":"2021-12-17T11:14:56","modified_gmt":"2021-12-17T03:14:56","slug":"new-log4j-vulnerability-most-serious-ever-chinese-hackers-already-exploiting-it","status":"publish","type":"post","link":"https:\/\/techwireasia.com\/2021\/12\/new-log4j-vulnerability-most-serious-ever-chinese-hackers-already-exploiting-it\/","title":{"rendered":"New Log4J vulnerability &#8216;most serious ever&#8217;, Chinese hackers already exploiting it"},"content":{"rendered":"<ul>\n<li aria-level=\"1\"><b>Hundreds of millions of devices around the world are at risk of a newly revealed software vulnerability &#8212; the Log4j\u00a0<\/b><\/li>\n<li aria-level=\"1\"><b>Attackers had over a week&#8217;s headstart on exploiting the software flaw before it was publicly disclosed, and the fallout could continue for days and weeks as organizations race to address the issue<\/b><\/li>\n<li aria-level=\"1\"><b>Tech giants like Amazon Web Services and IBM have addressed the bug so far <\/b><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">A critical new vulnerability called Log4j (or, Log4Shell) was disclosed last week &#8212; and at risk are hundreds of millions of devices around the world. The Log4j flaw was found to be on an open-source library used by millions of web servers. The bug leaves them all vulnerable to attack so organizations around the world are left scrambling to patch affected systems before <\/span><a href=\"https:\/\/techhq.com\/2021\/08\/heres-how-hackers-exploit-iot-device-vulnerabilities-to-invade-hardware\/\"><span style=\"font-weight: 400;\">hackers<\/span><\/a><span style=\"font-weight: 400;\"> can exploit them.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The US Cybersecurity and Infrastructure Security Agency\u2019s (CISA) director Jen Easterly <\/span><a href=\"https:\/\/edition.cnn.com\/2021\/12\/13\/politics\/us-warning-software-vulnerability\/index.html\"><span style=\"font-weight: 400;\">told <\/span><\/a><i><span style=\"font-weight: 400;\">CNN <\/span><\/i><span style=\"font-weight: 400;\">that \u201cthe vulnerability is one of the most serious that I have seen in my entire career, if not the most serious.\u201d <\/span><i><span style=\"font-weight: 400;\">CNN <\/span><\/i><span style=\"font-weight: 400;\">was briefed after the US officials held a call with industry executives, warning that hackers are actively exploiting the vulnerability.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">According to researchers from <\/span><a href=\"https:\/\/blog.talosintelligence.com\/2021\/12\/apache-log4j-rce-vulnerability.html\"><span style=\"font-weight: 400;\">Cisco<\/span><\/a><span style=\"font-weight: 400;\"> and <\/span><a href=\"https:\/\/twitter.com\/eastdakota\/status\/1469800951351427073\"><span style=\"font-weight: 400;\">Cloudflare<\/span><\/a><span style=\"font-weight: 400;\">, hackers have been exploiting the bug since the beginning of the month. However, attacks ramped up dramatically following Apache&#8217;s disclosure last Thursday. <\/span><span style=\"font-weight: 400;\">Jen also emphasized that the <\/span><a href=\"https:\/\/www.cisa.gov\/news\/2021\/12\/11\/statement-cisa-director-easterly-log4j-vulnerability\"><span style=\"font-weight: 400;\">security flaw poses a \u201csevere risk\u201d<\/span><\/a><span style=\"font-weight: 400;\"> to the internet. \u201cThis vulnerability, which is being widely exploited by a <\/span><a href=\"https:\/\/techhq.com\/2021\/09\/heres-how-cyber-threats-are-being-detected-using-deep-learning\/\"><span style=\"font-weight: 400;\">growing set of threat<\/span><\/a><span style=\"font-weight: 400;\"> actors, presents an urgent challenge to network defenders given its broad use,\u201d she added.<\/span><\/p>\n<h3><b>What is Log4j and why is it so severe?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The news on the software flaw broke last week, with an initial <\/span><a href=\"https:\/\/www.zdnet.com\/article\/security-warning-new-zero-day-in-the-log4j-java-library-is-already-being-exploited\/\"><span style=\"font-weight: 400;\">alert by CERT New Zealand<\/span><\/a><span style=\"font-weight: 400;\">. Followed by the <\/span><a href=\"https:\/\/www.cisa.gov\/news\/2021\/12\/11\/statement-cisa-director-easterly-log4j-vulnerability\"><span style=\"font-weight: 400;\">CISA<\/span><\/a><span style=\"font-weight: 400;\"> and the UK&#8217;s National Cyber Security Center. For context, the vulnerability is in Java-based software known as &#8220;Log4j&#8221; and large organizations including some of the world&#8217;s biggest tech firms use it to log information in their applications.<\/span><\/p>\n<div class=\"see-also left\"><div class=\"row\" data-equalizer><a href=https:\/\/techwireasia.com\/2021\/09\/can-quantum-key-distribution-improve-cybersecurity-in-southeast-asia\/><div class=\"medium-12 small-4 columns\" data-equalizer-watch><img width=\"300\" height=\"200\" src=\"https:\/\/cdn.techwireasia.com\/wp-content\/uploads\/2021\/08\/quantum_communication_2.jpg\" class=\"ratio2by1 wp-post-image\" alt=\"quantum key distribution\" loading=\"lazy\" \/><img width=\"150\" height=\"150\" src=\"https:\/\/cdn.techwireasia.com\/wp-content\/uploads\/2021\/08\/quantum_communication_2-150x150.jpg\" class=\"ratiosquare wp-post-image\" alt=\"quantum key distribution\" loading=\"lazy\" srcset=\"https:\/\/cdn.techwireasia.com\/wp-content\/uploads\/2021\/08\/quantum_communication_2-150x150.jpg 150w, https:\/\/cdn.techwireasia.com\/wp-content\/uploads\/2021\/08\/quantum_communication_2-167x167.jpg 167w, https:\/\/cdn.techwireasia.com\/wp-content\/uploads\/2021\/08\/quantum_communication_2-100x100.jpg 100w, https:\/\/cdn.techwireasia.com\/wp-content\/uploads\/2021\/08\/quantum_communication_2-125x125.jpg 125w\" sizes=\"(max-width: 150px) 100vw, 150px\" \/><\/div><div class=\"medium-12 small-8 columns\" data-equalizer-watch><h4>CAN QUANTUM KEY DISTRIBUTION IMPROVE CYBERSECURITY IN SEA?<\/h4><p class=\"byline\">Aaron Raj | 1 September, 2021<\/p><\/div><\/a><\/div><\/div>\n<p><span style=\"font-weight: 400;\">In short, the flaw affects millions of pieces of software, running on a large number of machines that many systems interact with. So far, there have been various hacker orgs including Chinese state-backed groups, <\/span><a href=\"https:\/\/www.ft.com\/content\/d3c244f2-eaba-4c46-9a51-b28fc13d9551\"><span style=\"font-weight: 400;\">per the <\/span><i><span style=\"font-weight: 400;\">Financial Times<\/span><\/i><\/a><span style=\"font-weight: 400;\">, that have launched more than 1.2 million attacks on companies globally since last Friday. Quoting cybersecurity group Check Point, <em>FT<\/em> said the attacks relating to the vulnerability had accelerated since then and that at some points researchers were seeing more than 100 attacks a minute.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In fact, the Dutch National Cyber Security Center <\/span><a href=\"https:\/\/github.com\/NCSC-NL\/log4shell\/tree\/main\/software\"><span style=\"font-weight: 400;\">released<\/span><\/a><span style=\"font-weight: 400;\"> a lengthy list of software that is affected by the vulnerability. A map showing where Log4j exploitation attempts have been made was released by international security company ESET. It indicates the highest volumes occurring in the US, UK, Turkey, Germany, and the Netherlands.<\/span><\/p>\n<div id=\"attachment_211600\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img aria-describedby=\"caption-attachment-211600\" loading=\"lazy\" class=\"wp-image-211600 size-large\" src=\"https:\/\/techhq.com\/wp-content\/uploads\/2021\/12\/eset-1024x554.png\" alt=\"Log4j exploitation attempts.\" width=\"1024\" height=\"554\" \/><p id=\"caption-attachment-211600\" class=\"wp-caption-text\">Log4j exploitation attempts. Source: ESET<\/p><\/div>\n<p><span style=\"font-weight: 400;\">Not too long after the flaw was detected, Apache <\/span><a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/security.html\"><span style=\"font-weight: 400;\">gave the vulnerability a \u201ccritical\u201d ranking<\/span><\/a><span style=\"font-weight: 400;\"> and rushed to develop a solution. IT teams will have to update Log4j to version 2.15.0, which was <\/span><a href=\"https:\/\/twitter.com\/TaliaRinger\/status\/1470015866918125581\"><span style=\"font-weight: 400;\">released before the vulnerability was made public<\/span><\/a><span style=\"font-weight: 400;\"> and it mostly fixes the issue. At the time of writing, tech giants like<\/span><span style=\"font-weight: 400;\"> Amazon Web Services<\/span><span style=\"font-weight: 400;\"> and <\/span><span style=\"font-weight: 400;\">IBM<\/span><span style=\"font-weight: 400;\"> have addressed the bug in their products.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Even <\/span><span style=\"font-weight: 400;\">Microsoft<\/span><span style=\"font-weight: 400;\">, <\/span><span style=\"font-weight: 400;\">Cisco<\/span><span style=\"font-weight: 400;\">, and <\/span><span style=\"font-weight: 400;\">Google Cloud<\/span><span style=\"font-weight: 400;\">, have all found that at least some of their services were vulnerable and have been rushing to issue fixes and advise customers about how best to proceed. Unfortunately, <\/span><a href=\"https:\/\/www.wired.com\/story\/log4j-log4shell\/\"><span style=\"font-weight: 400;\">a <i>Wired<\/i> article<\/span><\/a><span style=\"font-weight: 400;\"> stated that the Log4Shell will continue to wreak havoc across the internet for years to come, as many organizations won&#8217;t even realize that they have systems at risk. In the meantime, attackers will continue to look for creative new ways to discover and continue exploiting as many vulnerable systems as possible.\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hundreds of millions of devices around the world are at risk of a newly revealed software vulnerability &#8212; the Log4j\u00a0 Attackers had over a week&#8217;s headstart on exploiting the software flaw before it was publicly disclosed, and the fallout could continue for days and weeks as organizations race to address the issue Tech giants like<a class=\"excerpt-read-more\" href=\"https:\/\/techwireasia.com\/2021\/12\/new-log4j-vulnerability-most-serious-ever-chinese-hackers-already-exploiting-it\/\" title=\"ReadNew Log4J vulnerability &#8216;most serious ever&#8217;, Chinese hackers already exploiting it\">&#8230; Read more &raquo;<\/a><\/p>\n","protected":false},"author":607,"featured_media":214472,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[6,4381,2372,10449,10],"tags":[2949,2701,10503],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v16.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>New Log4J vulnerability &#039;most serious ever&#039;, Chinese hackers already exploiting it - Tech Wire Asia<\/title>\n<meta name=\"description\" content=\"A critical new vulnerability called Log4j was disclosed last week - and at risk are hundreds of millions of devices around the world.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/techwireasia.com\/2021\/12\/new-log4j-vulnerability-most-serious-ever-chinese-hackers-already-exploiting-it\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New Log4J vulnerability &#039;most serious ever&#039;, Chinese hackers already exploiting it - Tech Wire Asia\" \/>\n<meta property=\"og:description\" content=\"A critical new vulnerability called Log4j was disclosed last week - and at risk are hundreds of millions of devices around the world.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/techwireasia.com\/2021\/12\/new-log4j-vulnerability-most-serious-ever-chinese-hackers-already-exploiting-it\/\" \/>\n<meta property=\"og:site_name\" content=\"Tech Wire Asia\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/techwireasia\" \/>\n<meta property=\"article:published_time\" content=\"2021-12-17T02:50:58+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-12-17T03:14:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/techwireasia.com\/wp-content\/uploads\/2021\/12\/shutterstock_2089585993.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"751\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@DashveenjitK\" \/>\n<meta name=\"twitter:site\" content=\"@techwireasia\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/techwireasia.com\/#website\",\"url\":\"https:\/\/techwireasia.com\/\",\"name\":\"Tech Wire Asia\",\"description\":\"Where technology and business intersect\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/techwireasia.com\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/techwireasia.com\/2021\/12\/new-log4j-vulnerability-most-serious-ever-chinese-hackers-already-exploiting-it\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/cdn.techwireasia.com\/wp-content\/uploads\/2021\/12\/shutterstock_2089585993.jpg\",\"contentUrl\":\"https:\/\/cdn.techwireasia.com\/wp-content\/uploads\/2021\/12\/shutterstock_2089585993.jpg\",\"width\":1000,\"height\":751,\"caption\":\"IMG\/Shutterstock\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/techwireasia.com\/2021\/12\/new-log4j-vulnerability-most-serious-ever-chinese-hackers-already-exploiting-it\/#webpage\",\"url\":\"https:\/\/techwireasia.com\/2021\/12\/new-log4j-vulnerability-most-serious-ever-chinese-hackers-already-exploiting-it\/\",\"name\":\"New Log4J vulnerability 'most serious ever', Chinese hackers already exploiting it - Tech Wire Asia\",\"isPartOf\":{\"@id\":\"https:\/\/techwireasia.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/techwireasia.com\/2021\/12\/new-log4j-vulnerability-most-serious-ever-chinese-hackers-already-exploiting-it\/#primaryimage\"},\"datePublished\":\"2021-12-17T02:50:58+00:00\",\"dateModified\":\"2021-12-17T03:14:56+00:00\",\"author\":{\"@id\":\"https:\/\/techwireasia.com\/#\/schema\/person\/8d22cfff5b2171f27ef72eb00808e22d\"},\"description\":\"A critical new vulnerability called Log4j was disclosed last week - and at risk are hundreds of millions of devices around the world.\",\"breadcrumb\":{\"@id\":\"https:\/\/techwireasia.com\/2021\/12\/new-log4j-vulnerability-most-serious-ever-chinese-hackers-already-exploiting-it\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/techwireasia.com\/2021\/12\/new-log4j-vulnerability-most-serious-ever-chinese-hackers-already-exploiting-it\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/techwireasia.com\/2021\/12\/new-log4j-vulnerability-most-serious-ever-chinese-hackers-already-exploiting-it\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/techwireasia.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"cyberattacks\",\"item\":\"https:\/\/techwireasia.com\/tag\/cyberattacks\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"New Log4J vulnerability &#8216;most serious ever&#8217;, Chinese hackers already exploiting it\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/techwireasia.com\/#\/schema\/person\/8d22cfff5b2171f27ef72eb00808e22d\",\"name\":\"Dashveenjit Kaur\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/techwireasia.com\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/cdn.techwireasia.com\/wp-content\/uploads\/2020\/10\/Ill_for_Dashveen_r-100x100.png\",\"contentUrl\":\"https:\/\/cdn.techwireasia.com\/wp-content\/uploads\/2020\/10\/Ill_for_Dashveen_r-100x100.png\",\"caption\":\"Dashveenjit Kaur\"},\"description\":\"Dashveen writes for Tech Wire Asia and TechHQ, providing research-based commentary on the exciting world of technology in business. Previously, she reported on the ground of Malaysia's fast-paced political arena and stock market.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/dashveenjitkaur\/\",\"https:\/\/twitter.com\/DashveenjitK\"],\"url\":\"https:\/\/techwireasia.com\/author\/dashveen\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","meta-shares":{"featured1":["yes"],"featured2":["yes"],"featured3":["no"],"featured4":["no"],"featured5":["no"],"classic-editor-remember":["classic-editor"],"_edit_lock":["1639714168:631"],"_edit_last":["631"],"dfiFeatured":["a:1:{i:0;s:0:\"\";}"],"_yoast_wpseo_content_score":["30"],"_yoast_wpseo_estimated-reading-time-minutes":["3"],"primary-tag-meta-box":["2701"],"story-series-meta-box":[""],"story-series-featured":["no"],"twitter-post-meta-box":["The news on the software flaw broke last week, with an initial alert by CERT New Zealand.\r\n#Log4j"],"twittertwo-post-meta-box":[""],"twitterthree-post-meta-box":[""],"facebookone-post-meta-box":[""],"facebooktwo-post-meta-box":[""],"video-post-meta-box":[""],"writer-meta-box-dropdown":["Dashveen"],"_yoast_wpseo_focuskw":["Log4J vulnerability"],"_yoast_wpseo_linkdex":["75"],"_yoast_wpseo_metadesc":["A critical new vulnerability called Log4j was disclosed last week - and at risk are hundreds of millions of devices around the world."],"_yoast_wpseo_primary_category":["2372"],"_thumbnail_id":["214472"],"bs_social_share_facebook":["0"],"bs_social_share_twitter":["0"],"bs_social_share_linkedin":["0"],"bs_social_share_reddit":["0"],"bs_social_share_interval":["1641552805"],"meta-shares":["46"],"meta-readers":["353"]},"_links":{"self":[{"href":"https:\/\/techwireasia.com\/wp-json\/wp\/v2\/posts\/214464"}],"collection":[{"href":"https:\/\/techwireasia.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techwireasia.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techwireasia.com\/wp-json\/wp\/v2\/users\/607"}],"replies":[{"embeddable":true,"href":"https:\/\/techwireasia.com\/wp-json\/wp\/v2\/comments?post=214464"}],"version-history":[{"count":7,"href":"https:\/\/techwireasia.com\/wp-json\/wp\/v2\/posts\/214464\/revisions"}],"predecessor-version":[{"id":214471,"href":"https:\/\/techwireasia.com\/wp-json\/wp\/v2\/posts\/214464\/revisions\/214471"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techwireasia.com\/wp-json\/wp\/v2\/media\/214472"}],"wp:attachment":[{"href":"https:\/\/techwireasia.com\/wp-json\/wp\/v2\/media?parent=214464"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techwireasia.com\/wp-json\/wp\/v2\/categories?post=214464"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techwireasia.com\/wp-json\/wp\/v2\/tags?post=214464"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}