Over 40 per cent of global networks have been victims of attempted attack, via the Log4j flaw, which was disclosed to the public less than a week ago.
The flaw allows hackers to exploit log files on servers, turning them into malicious instructions that download unauthorised spyware, allowing bad actors access to a server.
Within hours of the flaw being exposed, servers ran by Microsoft, Amazon and Google were under attack. There are currently over 100 attacks per minute.
“Since we started to implement our protection we prevented over 1,272,000 attempts to allocate the vulnerability, over 46% of those attempts were made by known malicious groups,” said cybersecurity company Check Point.
“Unlike other major cyber-attacks that involve one or a limited number of software, Log4j is basically embedded in every Java based product or web service. It is very difficult to manually remediate it.”
National cybersecurity bodies around the world have warned companies to update software.
