On December 9, 2021, a critical zero-day vulnerability affecting the Apache Log4j2 library, a Java-based logging utility, was exposed to the world and broke the Internet.
Java is the third most widely used programming language and is virtually ubiquitous, currently running on 15 billion devices worldwide, and the Log4j2 library is extremely popular. Worst of all, Log4j is hard to find and easy to exploit, putting millions of Java applications, databases, and devices at high risk.
The full range of risks associated with the vulnerability is unprecedented and covers all types of organizations in every industry. Because it is so easy to exploit and so difficult to locate within your organization, Log4Shell is a proverbial needle in a haystack.
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said that Log4Shell is a “major” vulnerability that she has encountered in her decades-long career. She urged business leaders not to delay recovery processes, noting that it could take years to fix this vulnerability. Fixing it will not be a simple one-time process and will require multiple detection methods.
Faster to fix, faster to exploit
In the last two weeks of 2021, when many companies were ready to work with IT professionals, hackers and attackers saw an opportunity. Soon this critical vulnerability in the Java library was being exploited in the wild. Within just 72 hours of the vulnerability being discovered, about 1 million attack attempts were made.
Worse, as part of an ongoing intelligence-gathering campaign, the notorious Chinese hacker group APT41, which has raided local government offices in at least six US states over the past 10 months, has controlled at least two state computer systems, using Log4Shell as its primary vector for doing so.