Log4j Security Vulnerability Could Shut Down Internet? Experts Claim It’s a Big Concern

Log4j has caused concern for many security experts because of its threat. Some cybersecurity researchers even claimed that this Java programming language component could completely shut down the global internet if it was used in a massive malicious campaign.  . 

Log4j Security Vulnerability Could Shut Down Internet? Experts Claim It's a Big Concern

(Photo : Photo credit should read JONATHAN NACKSTRAND/AFP via Getty Images)
Joel Kjellgren, Data Center Manager walks in one of the server rooms at the new Facebook Data Center, its first outside the US on November 7, 2013 in Lulea, in Swedish Lapland. The company began construction on the facility in October 2011 and went live on June 12, 2013 and are 100% run on hydro power.

Experts are concerned since many individuals, organizations, companies, businesses, as well as governments are relying on the internet to conduct essential daily activities. 

Since Log4j is based on JavaScript, it is considered an open-source package. This means that this system component is not protected by DEP (Data Executive Prevention) or ASLR (Address Space Layout Randomization), as reported by PC Mag. 

Now, Google, Silicon Valley corporations, and other tech firms are doing their best to prevent the security issue posed by Log4j. 

Log4j Security Vulnerability Could Shut Down Internet? 

According to WION’s latest report, Log4j is an essential code that powers the internet. It helps many applications and software models to log and track past activities.

Log4j Security Vulnerability Could Shut Down Internet? Experts Claim It's a Big Concern

(Photo : Photo credit should read KIRILL KUDRYAVTSEV/AFP via Getty Images)
A picture taken on October 17, 2016 shows an employee walking behind a glass wall with machine coding symbols at the headquarters of Internet security giant Kaspersky in Moscow. The US government banned the use of Kaspersky security software in federal offices on September 13, 2017, saying the Russian company has risky ties to Russian intelligence that threaten US national security.

Also Read: T-Mobile Anti-Scam Initiative Blocks 21 Billion Spam Calls After Doubling in Numbers This 2021

However, since it is an open-source package, the U.S. Cybersecurity Director, Jen Easterly, claims that it could also be a serious security flaw of the internet. 

She added that among the current security vulnerabilities of the internet, it is the most significant one she saw during her career. If some hackers can completely use Log4j to compromise the internet, Amazon, Microsoft, IBM, Oracle, Google, and other tech companies would greatly be affected.  

Why Log4j Concerns Experts

Some cybersecurity experts discovered a method hackers could use to take advantage of the Log4j component. They explained that cybercriminals need to make the application log a line of malicious code. 

After that, their malicious program would execute the flaw, allowing them to have complete access to the entire internet server. If you want to see more details about this JavaScript component, all you need to do is click this link. 

In other news, security researchers discovered some hotel WiFi network security flaws. Meanwhile, Meta sues criminals behind the latest malicious campaigns on Messenger, Instagram, and Facebook. 

For more news updates about Log4j and other possible internet flaws, just keep your tabs open here at TechTimes.  

Related Article: Log4j Scanner by CISA Has Been Released to Look for Security Vulnerabilities, Flaws from Apps

This article is owned by TechTimes

Written by: Griffin Davis

ⓒ 2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.

================

Source link

Leave a Reply