Singapore’s Cyber Security Agency (CSA) has raised the country’s alertness level on the Log4j software flaw, joining a growing list of governments and industry experts to sound the alarm over the critical vulnerability.
The CSA said on Friday that it had held two emergency meetings over the past week with government agencies in charge of the country’s 11 critical information infrastructure (CII) sectors, including telecommunications, transport, banking, and finance.
Josephine Teo, Minister for Communications and Information stated in a Facebook posting that the CSA and Government Technology Agency both were fixing official systems “thoroughly,”However, CII companies were warned to “stay vigilant” as the flaw’s “ease of attack”This is how it works “too attractive for bad actors.”
Continue reading
Note that “situation is evolving rapidly,”The CSA claimed it had found “ongoing attempts by threat actors”To “scan and attack vulnerable systems.” The agency added that it had not received reports of breaches relating to the bug, which stems from the Apache Software Foundation’s widely-used open-source Java logging utility, Log4j.
Tenable describes Tenable’s security system as: “single biggest, most critical vulnerability of the last decade,”The flaw allows hackers access to the tools and run ransomware attacks. This includes deleting and locking data, hacking and overpowering them. According to some estimates, the vulnerability has been exploited more than 1.2million times in the week.
Several US government officials and agencies have issued warnings about the bug’s seriousness. Alejandro Mayorkas (Homeland Security Secretary) told Thursday the German Marshall Fund of USA that the bug was serious. “uppermost in our action plans.”
The challenge it presents is its prevalence, because they attacked a software that is omnipresent, and then there’s a vulnerability that has been exposed and others can jump in in the exploitation of that vulnerability and really multiply the harm.
A top Biden government official disclosed that several federal systems were affected by the flaw. Anne Neuberger (Deputy National Security Advisor Cyber & Emerging Technology), spoke on Thursday to Bloomberg Television and said that the vulnerability could affect as many as 50,000 systems. “to grow.”The US Patent and Trademark Office is thought to have been among the affected.
[ad_2]
