The main US cybersecurity agency said a recently disclosed flaw in widely used open-source software appeared to be a relatively minor issue, with many attacks seeking to hijack computing power to mine cryptocurrency.
Officials at the Cybersecurity and Infrastructure Security Agency (CISA) said they had not confirmed reports by security companies of ransomware installations or attempts by other governments to steal secrets.
“We are not seeing widespread, highly sophisticated intrusion campaigns,” Eric Goldstein, executive assistant director for cybersecurity at CISA, said in a call with reporters.
He warned the threat would continue to evolve and the agency was still working to assemble reliable information on what types of software were subject to the attacks.
The Department of Homeland Security was working with vendors to have them deploy fixes where needed.
Common Logging Tool
The flaw was found in a common logging tool, known as Log4j, and it is carried forward by at least hundreds of other programmes that rely on the tool. Goldstein said the flaw is easy to exploit.
Although a patch in the tool has been available since December 6, many of those other programmes also have to implement the patch to ensure an attacker cannot get deep network access.
“The log4j vulnerability is a significant threat for exploitation due to the widespread inclusion in software frameworks, even NSA’s GHIDRA,” Rob Joyce, cybersecurity director at the US National Security Agency, wrote on Twitter, referring to a reverse engineering tool developed by the agency.
The flaw in Log4j, which is used by millions of web servers, leaves them vulnerable to attack, and some analysts say the risk to security is much more serious than the CISA reaction would indicate.
“The internet’s on fire right now,” Adam Meyers at security company Crowdstrike told the UK magazine New Scientist this week.
The problem was first noticed in the video game Minecraft but quickly became apparent millions of web applications, including Apple’s iCloud.
- Reuters, with George Russell
READ MORE:
Russian Ransomware Gang Claims Australia Cyberattack
Cyber Attacks Could Lead to War, Says Biden: FT
China Rejects ‘Fabricated’ Cyber Attacks Claims by Allies
