About 41 per cent of corporate networks in India have already faced a Log4j vulnerability, according to an analysis by cybersecurity firm Check Point Research (CPR).
The new vulnerability affects the widely used library Log4j which was created by Apache, the most widely used web server. The Log4j vulnerability allows remote code execution by simply typing a specific string into a textbox. It was first discovered by Minecraft players but soon it was realised that this vulnerability wasn’t just a Minecraft exploit, but works on every program using the Log4j library.
Researchers at CPR said that they’ve observed attempted exploits of the Log4j vulnerability, known as Log4Shell, on more than 44 per cent of corporate networks worldwide.
(Want to know more about how Log4j functions, check out our recent article where we dig more about the exploit and its workings.)
The Australia-New Zealand (ANZ) area was the most impacted region with 46 per cent of its corporate networks facing an exploit, while North America was the least impacted with 36.4 per cent of organizations facing such an attempt, the security firm added.
Early reports on December 10 showed merely thousands of attack attempts, rising to over 40,000 during Saturday, December 11. Twenty-four hours after the initial outbreak our sensors recorded almost 200,000 attempts of attack across the globe, leveraging this vulnerability. At the time of writing this article , the number hit over 800,000 attacks, the research noted.
Further, the report highlighted that atleast 46 per cent of those attempted exploits were made by known malicious groups.
Lotem Finkelstein, director, threat intelligence and research for Check Point, called the involvement of known malicious groups “most worrying”, adding that log4j “requires an immediate reaction from security teams or it can cause incalculable damage.”
“This vulnerability, because of the complexity in patching it and easiness to exploit, seems that it will stay with us for years to come, unless companies and services take immediate action to prevent the attacks on their products by implementing a protection,” CPR, said in a blog post.
Meanwhile, It is worth noting that this bug doesn’t affect all versions of Log4j , and only affects the versions between 2.0 and 2.14.1.