Follow us on NMTC at LinkedIn NTMC at FaceBook NMTC at Twitter NMTC at Twitter

This software flaw could cause issues for years to come.

WHAT IS IT?

A piece of faulty software called Log4J has exposed major companies to over 1.2 million cyberattacks since last Friday, according to researchers. So far, the only company known to have been breached via Log4J is Microsoft, which had its servers for the video game Minecraft hijacked. Other companies are currently in investigation mode, so the full fallout is unknown. Log4J was maintained by a team of volunteers who in their free time code for the nonprofit Apache Software Foundation. It’s one of dozens of open-source, volunteer-run organizations that create the free software that underpins most major companies’ operations.

WHY IMPORTANT

The US government had already warned companies last month to stay extra vigilant against online attacks ahead of the holidays, a popular period for hackers to strike. It’s already one of the most wide-reaching security breaches ever, and it could take years to fully fix. The little-known but widely used Log4J software helps major companies, including Amazon, Apple, Tesla, IBM, and Twitter, log and track user activity across a range of applications. Now, cyberattackers are using it as a crowbar to break into computers. Once in, hackers can: extract sensitive data, Mine crypto, join the computer to a “botnet”—a system of interconnected computers used to mass-send spam and perform other nefarious actions.

WHAT NOW?

The volunteer team has already created a patch to fix the issue, but corporate software engineers have to adapt and deploy the update. Plus, hackers who walked into servers through the Log4J door likely broke some windows while in there, allowing them to circumvent the first patch.

READ MORE

NMTC Logo Main Web 2021 02

Northeastern Maryland Technology Council
2021 Pulaski Hwy, Suite D, Havre de Grace, MD 21078
410-638-4466

John W. Casner, Executive Director
john.casner@nmtc.org

  Copyright NMTC

Follow us on NMTC at LinkedIn  NTMC at FaceBook  NMTC at Twitter  NMTC at Twitter