Cybersecurity, National Agency warns: “Log4Shell critical vulnerability”

It is as if billions of house doors were suddenly open, without any protection. As if anyone with malicious intent could enter and take possession of them. It is still difficult to establish the true extent of the vulnerability discovered in computer systems that use the Java language, but experts are unanimous that it is something serious. The National Cybersecurity Agency speaks of “a vast and diversified attack surface over the entire network”, defining the situation as “particularly serious”. In other words, the Internet is in danger. Its security is compromised. All software and applications written in Java, the most used programming language in the world, suddenly find themselves with their flanks exposed: billions of programs and applications, from servers to smartphones. And the consequences could be even worse if no solutions are found in the next few days for Log4Shell, as the vulnerability has been called, with the risk of compromising the security not only of servers and companies, but also of smartphones and computers, in short, all the devices in circulation. So much so that some experts talk about a “computer apocalypse”.

Cybersecurity: Log4Shell and global crash risk. The analysis

What happened? “Researchers discovered a vulnerability in Log4j, a library used by the vast majority of software written in Java, which allows you to write in the software what are called ‘logs’, that is, the ‘status’ of the software itself, which allow you to photograph a moment of the software's development, recording progress, performance, problems and solutions”, Marco Ramilli, CEO of Yoroi, explains to Agi. The vulnerability is in the tags of these logs, which, a bit like the tags of blogs or those on Twitter, allow you to identify the type of log that has been written previously. “It turned out that one of these tags allows you to execute a command, launch a program,” continues Ramilli. Any type of command or program. The tag manages to say to the machine: ‘Do this’. Through this tag, an attacker can then make the machine do whatever he wants. He can launch code on the machine. But to do what? “Anything. Right now what we see is that the attackers use this vulnerability to do cryptocurrency mining”, that is, the operation that allows you to create bitcoin, a particularly complex activity that requires computing power and energy. “But they could do anything: enter a company’s servers, see what’s inside, steal trade secrets or decide to launch ransomware attacks to monetize their control of the systems,” says Ramilli, who admits to having seen an attack of this type “about five, eight times in the last 20 years”.

Log4Shell, what it is and why according to experts there is a risk of the IT apocalypse

In detail, what is Log4j? “If you use Java, you probably use Log4j,” Matteo Flora, cyber security expert and CEO of TheFool, explains to Agi. “It’s the de facto standard for anyone who uses Java” for programming. “It’s everywhere, from Tesla, to Twitter, to Facebook, to numerical control systems, to iPhones. What has emerged is an unresolved vulnerability”. What happens then? “In the worst case it is a bit of a computer apocalypse: if this vulnerability is not resolved, it gives the possibility to launch commands. And we are already seeing cryptominers and abusive logins around. The problem is, a lot of this stuff is embedded, so there are no fast update systems. Plus it’s everywhere”. Ramilli instead uses a metaphor: “Logging like that of Log4j is a bit like the script an actor follows on stage: it is used to follow a track, or to go back to a specific point if you want to work on an error”. A track to follow, and execute. In one of its passages, however, there is the possibility of completely changing the plot of the text, and of writing one’s own, to one’s liking.

Cybersecurity, why smartphones are also at risk. Hacker alert

Java is on about 3 billion devices. And Log4j, developed by Apache, is used by almost all programmers. To give an idea of its use and its reliability, just think that even Ingenuity, the NASA helicopter that landed on the ground of Mars last February, has software that uses Log4j, as Apache itself announced on its Twitter profile. But you don’t have to go to Mars to understand the enormous use of this programming language. In these hours hundreds, perhaps thousands, of hackers all over the world are trying to detect this vulnerability in software and servers in order to take control of them and launch attacks. The biggest risk at the moment is run by companies and organizations, more or less large. The situation is made even worse by the fact that it is often difficult to understand whether Log4j was used in the development of their software, by whom, and when. In the firing line, however, there are not only companies and institutions, because the problem could soon concern the individual user, a smartphone owner or a smartwatch owner. “If attackers attack a company, the user who is logged into that system”, be it Twitter, Minecraft or an e-commerce company, to name some of the platforms that have currently identified the vulnerability, “could see their personal data, or those of their credit cards”, explains Ramilli. Even more serious is the possibility that could occur in the next few days if quick solutions are not found: “Malicious hackers could spread corrupted links and, through this vulnerability, open backdoors on people’s devices, phones, tablets, any object connected to the network. And once he opens a backdoor, he can do what he wants”. For Ramilli, there are still a few more days of time. “As early as the middle of next week the situation could be difficult to recover”. It is a race against time.