China Security

Hackers Backed by China Seen Exploiting Security Flaw in Internet Software (wsj.com)

Hackers linked to China and other governments are among a growing assortment of cyberattackers seeking to exploit a widespread and severe vulnerability in computer server software, according to cybersecurity firms and Microsoft. From a report: The involvement of hackers whom analysts have linked to nation-states underscored the increasing gravity of the flaw in Log4j software, a free bit of code that logs activity in computer networks and applications. Cybersecurity researchers say it is one of the most dire cybersecurity threats to emerge in years and could enable devastating attacks, including ransomware, in both the immediate and distant future. Government-sponsored hackers are often among the best-resourced and most capable, analysts say.

"The effects of this vulnerability will reverberate for months to come -- maybe even years -- as we try to close these doors and try to hunt down all the actors who made their way in," said John Hultquist, vice president of intelligence analysis at the U.S.-based cybersecurity firm Mandiant. Both Microsoft and Mandiant said they have observed hacking groups linked to China and Iran launching attacks that exploit the flaw in Log4j. In an update to its website posted late Wednesday, Microsoft said that it had also seen nation-backed hackers from North Korea and Turkey using the attack. Some attackers appear to be experimenting with the attack; others are trying to use it to break into online targets, Microsoft said.

  • by nagora ( 177841 ) on Wednesday December 15, 2021 @11:57AM (#62083209)

    https://nvd.nist.gov/vuln/deta... [nist.gov]

    Did you enjoy your two days of feeling secure?

    • Do you ever feel secure?
      If so you are probably the one getting hacked.

      Early on people thought if they had Linux compared to Windows, they were just that much more secure.
      Even if they had set up their Linux distribution with all services (including telnet) and no Root password.

      The endless fun you can have causing the CD Tray to open and close, or play random noises out of the video card.

      Then the guy goes and buys more equipment to replace all the broken stuff, because he couldn't consider that his Linux envrio

      • Re: (Score:3, Funny)

        by Anonymous Coward

        Do you ever feel secure?

        Of course. I write everything in Java, so obviously I can't make code that will suffer from memory leaks, stack smashing, zombie pointers to deallocated memory, etc. Therefore, everything is secure and impenetrable.

        Most secure election in history!

      • by quenda ( 644621 )

        Even if they had set up their Linux distribution with ... no Root password.

        That is just normal these days. You only have passwords for human users.

    • by Hentes ( 2461350 ) on Wednesday December 15, 2021 @02:02PM (#62083637)

      It's just a logging library, it's not doing anything important. Just turn it off instead of waiting for a patch.

  • Those don't seem to be supportable conclusions. Did they manage to trace the IP address to somewhere in China? Did they find Chinese text somewhere? The Log4j flaw's likely to be exploited by pretty much every hacker around the world. Why single out China? Is this part of the USA's hostilities towards China? Are they working their way towards another Iraq-style conflict based on flawed &/or non-existent evidence with China?
    • Dui.

    • by Anonymous Coward

      "Hackers" already means "what follows is mostly tosh".

      So what we have is a word-salad full of scare-words without hard information. This is par for the course for this game. But then, the point never was to inform you, or anyone, at all. In that sense of wilfully failing to tell you anything new, this is "fake" news.

    • And even if "linked to", that is in no way "backed by". It is willful propaganda. I am sure there is many a hacker "linked to" the U.S.
    • by znrt ( 2424692 )

      why waste a juicy opportunity to smear china? it's all over the place, has been a recurrent narrative by u.s. tech/business news for years now.

    • by mrobinso ( 456353 ) on Wednesday December 15, 2021 @01:30PM (#62083523) Homepage

      They didn't single out China.

      They mentioned "Hackers linked to China and other governments", and went on to mention "they have observed hacking groups linked to China and Iran" and further on mentioned North Korea and Turkey. These are their "observations", not their "conjectures" or "speculation".

      The countries they mentioned are among the most despotic in the world, famous for not only this type of deplorable activity but also for some of the most serious and chronic human rights violations in the history of this planet, including ethnic cleansing resulting in thousands of deaths.

      Should these countries be mentioned by name? Damn straight.
      Should China have been mentioned? Oh hell yes.
      Despite not being singled out, should/could they have been singled out? Absolutely.

      • They didn't single out China.

        They mentioned "Hackers linked to China and other governments"

        The headline singled out China.
        It's just a fact.

        Hackers linked to China and other governments are among a growing assortment of cyberattackers seeking to exploit a widespread and severe vulnerability in computer server software, according to cybersecurity firms and Microsoft. From a report:

        The summary also singled out China.

        Only at the bottom did they mention Iran, North Korea and Turkey.
        Single out China for the main thrust, and then in the footnote link them to some other 'bad guy' countries as well.

      • As far as I can tell, China's greatest 'crime' was gaining its independence from British & American colonialism. They've been demonised & insulted by western media & governments as the 'yellow peril' ever since. The human rights 'atrocities' frequently mentioned in US media are usually about the Uyghur population in north-west China. To put it into perspective, there's a strong Mujahideen style fundamentalist Islamic separatist movement there. Is the Chinese govt being heavy-handed in dealing w
    • Microsoft didn't present evidence supporting their claim. The article further goes on:

      "[Other] security researchers have seen no signs to date, however, that China or another nation-state hacking group is attempting widespread exploitation of the Log4j issue on the same scale as the Microsoft Exchange attacks, which infected hundreds of thousands of servers across the globe."

  • There are a lot more Chinese, and they don't have to be afraid of a swat team suddenly kicking their door down.

    You are responsible for everything that you put on the internet. If it gets stolen, hacked, it's your own fault. You can't blame anonymous like a clown because nothing will happen.

    • There is a lot of blame to go around.
      Individual responsibility to take adequate steps to keep their data safe.
      Companies to provide tools that can give individuals the ability to take those adequate steps
      Academics who need to be open about changes and new discoveries to allow new tools to adapt.
      Governments who need to support their citizens in their attempt to secure themselves, as well as be a strong force against other governments who are allowing this.
       

    • by fermion ( 181285 )
      Nation states better be using these tools to protect security. If the US is not at the forefront then we are the losers in the basement. Intelligence gathering is critical to insure to plan adequate defense. And hacking, as shown in the destruction of the centrifuges used to refine nuclear material.
  • correct link (Score:5, Informative)

    by DeBaas ( 470886 ) on Wednesday December 15, 2021 @12:28PM (#62083327) Homepage

    Correct link : https://www.wsj.com/articles/h... [wsj.com] . Seems an extra = character ended up in the link

  • This Ars Technica post from December 7 tells about Microsoft taking over the Nickel servers.
    https://arstechnica.com/inform... [arstechnica.com]
  • They forgot to mention how the USG's hackers are using the same exploits on their targets. Or does it not count when we're doing the hacking?

  • Log4j bug discovered on November 24, 2021 and fixed on December 6, 2021 ref [wikipedia.org]
