Software flaw leaves millions of computer systems open for attack
3 min read/cloudfront-us-east-1.images.arcpublishing.com/gray/TQKWPXMEZ5CHDD7X2AGMJBJEKQ.jpg)
RICHMOND, Va. (WWBT) – Protecting your information in the digital age has never been more important, but doing that may be tougher thanks to vulnerabilities discovered in a computer code known as Log4j.
Cyber experts say the flaws in Log4j are especially troubling because it is used in countless computer system software companies worldwide. If properly exploited, it could be used to hack these systems and steal data.
“Vulnerabilities in computer code are basically problems,” Alex Nette said. “A good way to think about it is if you build a house, and you’ve made that house secure by putting windows, walls, and a roof, but if you left that back door open, somebody could just walk right in.”
Nette is the CEO of Richmond-based cyber security company Hive Systems, which focuses on helping companies be more secure in the digital age. Nette says he has been closely following the recent discovery of the Log4j vulnerabilities. Hackers are currently taking advantage of flaws in this code, which can be found in everything from simple computer games to the cyberinfrastructure of multi-billion-dollar businesses.
Nette says the vulnerability of Log4j was discovered in the popular building game Minecraft.
“In this case, there were hackers in the game trying to hack into the game to take advantage of it so that they could cheat and exploit the game,” Nette said. “In just trying to cheat, they discovered something that could actually impact the entire world at large.”
“Something as innocuous as somebody trying to cheat inside a game is now causing a multi-billion-dollar response to try to address this,” Nette said. “Banking sites, Facebook, or even Apple products like that all of those have actually been impacted by this.”
Nette says the risk lies primarily with major companies. The race is now on for companies to rush to patch that and fix the flaws in their systems before hackers find their way in.
“In this case, it’s estimated that over a third of all computer servers are actually impacted by this vulnerability. That’s a huge footprint for hackers to take advantage of,” Nette said. “While you may not be a target, you may be caught up in it.”
Nette says if sufficiently exploited, hackers could steal vital passwords, credit card information, banking data and other private information provided by customers.
“Down the line, there are also likely problems like ransomware getting installed and proliferating,” Nette said.
In the meantime, Nette says there are steps you can take to protect yourself as companies scramble to find their own solutions.
“We always recommend installing the latest operating systems and applications updates both on your phones and your computers, but one of the biggest things we always recommend is making a backup of all your information,” Nette said.
Nette says that making sure that you always use trustworthy services for banking and online transactions is vital, especially during the holiday shopping season. Enabling two-step authentication on your business or financial accounts can also stave off potential hackers.
Copyright 2021 WWBT. All rights reserved.
Want NBC12’s top stories in your inbox each morning? Subscribe here.
