By Claire Gordon • Published: 11 Dec 2021 • 10:44
Computer cyber security experts are in a panic over a newly discovered internet software flaw that they are calling the “most critical vulnerability of the last decade”. The widely used tool, Log4Shell, is quickly emerging as a huge threat to organizations all around the world, and therefore for their customers too.
“The internet’s on fire right now,” said Adam Meyers, senior vice-president of intelligence at the cybersecurity firm Crowdstrike. “People are scrambling to patch”, he said, “and all kinds of people scrambling to exploit it”. Speaking on Friday 10 December, 12 hours after the system bug had been disclosed to the wider programmer community, he said hackers had “fully weaponized” the internet software flaw, meaning they have developed and distributed ways to exploit it.
The flaw, named “Log4Shell”, is being called the worst vulnerability issue in years. It was discovered in an open-source, or free, tool that is used all over the world in cloud servers owned by big groups such as corporations and governments. Unless it is fixed, it grants criminals, spies and programming novices alike, easy access to internal networks where they can steal valuable data, plant malware, erase crucial information and much more.
“I’d be hard-pressed to think of a company that’s not at risk,” said Joe Sullivan, chief security officer for Cloudflare, whose online infrastructure protects websites from malicious hackers and programs. Amit Yoran, CEO of the cybersecurity firm Tenable, called it “the single biggest, most critical vulnerability of the last decade” – and possibly the biggest in the history of modern computing.
Experts are saying the ease with which any attacker can get into company servers, with no password, is what makes it so extremely dangerous. Yoran is spreading the message far and wide and said organizations need to assume that they have been compromised and act quickly. Research that has been done on the huge internet software flaw is finding evidence that it could be used against big companies such as Amazon, Twitter and Apple.
Thank you for taking the time to read this article, do remember to come back and check The Euro Weekly News website for all your up-to-date local and international news stories and remember, you can also follow us on Facebook and Instagram.
Share this story
Subscribe to our Euro Weekly News alerts to get the latest stories into your inbox!
By signing up, you will create a Euro Weekly News account if you don't already have one. Review our Privacy Policy for more information about our privacy practices.
By signing up, you will create a Euro Weekly News account if you don’t already have one. Review our Privacy Policy for more information about our privacy practices.
Download our media pack in either English or Spanish.