Why This New Cybersecurity Flaw Is the ‘Most Serious’ in Decades
A newly discovered cybersecurity flaw is affecting vast swaths the internet from Google and Amazon to the systems used to run militaries and hospitals, with US Homeland Security’s top cybersecurity official calling it the most serious vulnerability in decades.
The flaw is present within a popular piece of software called Log4j, which is part of the ubiquitous programming language Java. Log4j is used by millions of websites and apps — and the software’s flaw potentially allows hackers to take control of systems by typing a simple line of code, according to cybersecurity experts.
“The log4j vulnerability is the most serious vulnerability I have seen in my decades-long career,” Jen Easterly, the director of the US Cybersecurity and Infrastructure Security Agency, said Thursday on CNBC.
Most hacking attempts using Log4j so far have involved attackers trying to install cryptocurrency “mining” software on victims’ computers. However, an Iranian hacking group called “Charming Kitten” has also tried to use the vulnerability to breach government agencies and businesses in Israel, according to the cybersecurity company Check Point.
The Log4j flaw is more serious than other cybersecurity flaws because of its “ubiquity, simplicity and complexity,” according to Easterly.
“The Log4j vulnerability is the most serious vulnerability that I have seen in my decades-long career,” CISA Director Jen Easterly tells @EamonJavers in an exclusive interview. “Everyone should assume that they are exposed and vulnerable.” pic.twitter.com/AJfaTuZ8FE
— CNBC (@CNBC) December 16, 2021
(Read more from “Why This New Cybersecurity Flaw Is the ‘Most Serious’ in Decades” HERE)
Delete Facebook, Delete Twitter, Follow Restoring Liberty and Joe Miller at gab HERE.
