After the discovery last week of a major flaw, the National Information Systems Security Agency (Anssi) is planning a few hectic weeks for IT security managers, before a gradual return to normal.
The vulnerability is « grave » and “Promises a little painful end of year celebrations for many experts”, estimated Guillaume Poupard, general manager of Anssi. Corn “In a month we will probably not talk about it anymore, it will be residual”, he added, during a press conference about the future campus dedicated to Defense cybersecurity.
The vulnerability revealed last week is present in Log4j, a small code module used by multiple software and applications around the world. IT security managers everywhere are in a race against time to determine whether or not the servers used by their companies use Log4j.
A patch released
The flaw in this program is very easy to exploit and allows you to take control of the machines where this small code module is installed. A fix has been released, but hackers are automatically scanning servers all over the Internet for those that haven’t yet been protected.
For now, hackers seem to have only managed to use the vulnerability for relatively benign attacks, such as the clandestine installation of cryptominers (cryptocurrency mining software). Many companies have nevertheless publicly reacted, such as Amazon Web Services, Google Cloud or IBM, recognizing that some of the services they offer to users are affected by this vulnerability, and ensuring that everything is done to develop a ” patch ”, a fix.
Tuesday in the middle of the day, Mr. Poupard confirmed that he had no knowledge of proven use for more dangerous attacks, for ransomware or data theft for example. Corn “I’m afraid that by digging (…) we realize consequences which can be relatively serious ”, he said, adding: “My fear is that the vulnerability has been exploited for much longer than you might imagine. “