A huge number of cyber attacks take advantage of a dangerous flaw called log4shell in the software log4j. We will see how this form of attack works and whether it can affect us.
What Is Log4j?
The log4j error is also called the log4shell vulnerability and is known by the number CVE-2021-44228 ) is a weakness mainly in Apache servers. The bug is in the open source log4j library, a collection of predefined commands that developers use to speed up their work and prevent them from repeating complex code.
Libraries are the foundation of many, if not most, programs, as they save us a lot of time. Instead of having to write a whole code over and over again for some tasks, you just write a few commands that tell the program that it needs to get something from a library. Think of them as shortcuts that you can put in your password.
However, if something goes wrong, such as in the log4j library, it means that all programs that use this library are affected. This would be serious on its own, but Apache runs on too many servers.
How the Log4j defect works
You can replace a single text string (a line of code) that makes it load data from another computer on the Internet.
A hacker can feed the log4j library with a line of code that tells the server to retrieve data from another server that belongs to the hacker. This data could be anything from a script that collects data on devices connected to the server, such as browser fingerprints, but even worse, it could take control of that server.
Impact of Log4j
The impact of this defect is huge, as one-third of servers worldwide are affected, including those of large corporations such as Microsoft as well as Apple's iCloud and its 850 million users. The servers of the Steam gaming platform are also affected. Even Amazon has servers running Apache.
It's not just the big companies that could be hurt. There are many smaller companies running Apache. The damage a hacker could do to a system is quite small for a company billions, but in a small company it could be fatal..
All anyone can do now is install patches that fix the flaw. However, experts are already saying that it will take years to fully repair all affected systems. Cyber professionalsbetter safetyNot only should they find out which systems have been affected by the particular flaw, but checks should also be made to determine whether the system has been compromised and, if so, what the hackers did to those files.
Even after an update, there's a chance hackers left something behind that still does it work of. This means that the servers will have to be cleaned and reinstalled. A lot of work that cannot be done in one day.
How does Log4j affect you?
All of the above may sound like something that can only affect companies and not individuals. However, there is a risk to everyone, even if they are not running a server Apache.
As we mentioned, the hacker steal data from some servers. If a company doesn't secure the data properly (without encryption), there will be problems.
This data could be anything from usernames, passwords or even your Internet address and activity. Your credit card information is usually encrypted.
Although it is too early to say what will happen now, it seems that very few people will be able to avoid the effects of log4j.
