Top US government cybersecurity officials fear advanced hackers will have a field day with the Log4j vulnerability that’s likely present in hundreds of millions of devices.
Security experts are already seeing widespread scanning for the Log4j vulnerability (also dubbed ‘Log4Shell’) on internet-connected devices running vulnerable versions of Log4j version 2, which have been under attack since December 1, although the bug became common knowledge on December 9.
So far, Microsoft has seen attackers compromise machines to install coin miners, deploy the Cobalt Strike pen-testing framework to enable credential theft and lateral movement, and exfiltrate data from compromised systems.
These attacks appear to be opportunistic cyber-criminal activity, thanks to the bug’s ease of exploitation, but top officials at the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) fear “sophisticated actors” will also pounce on the bug soon.
“This vulnerability is one of the most serious that I’ve seen in my entire career, if not the most serious,” Jen Easterly, director of CISA, said in a call shared with CNN. Easterly has spent 20 years in various federal cybersecurity roles.
“We expect the vulnerability to be widely exploited by sophisticated actors and we have limited time