Cybercriminals scanning Australian entities for serious cyber vulnerability

Release details

Related ministers and contacts


The Hon Andrew Hastie MP

Assistant Minister for Defence


Media contacts

Adrian Barrett: 0438 620 408

Release content

21 December 2021

Australian businesses and households must urgently patch their applications and software products as malicious cyber adversaries conduct thousands of scans in search of the Log4j software vulnerability.

The Australian Cyber Security Centre (ACSC) is seeing malicious actors attempting to find those who remain vulnerable. Thousands of software products that use this common piece of computer code are at risk, and many are yet to be fixed.

If not fixed, cyber attackers can break into an organisation’s systems, steal user passwords and login details, extract sensitive data, and infect its networks with malicious software causing widespread business interruption.

A detailed alert on the vulnerability has been published on the ACSC website.

Assistant Minister for Defence, the Hon Andrew Hastie MP, said thousands of Australian organisations had already been subject to targeted reconnaissance, and many had been exploited and compromised.

“This is a serious vulnerability in affected systems, akin to leaving every door and window in your home unlocked on Christmas Eve,” Assistant Minister Hastie said.

“It is absolutely critical that Australian businesses and households patch their systems and networks urgently before going on holidays. Not doing so will give our cyber adversaries an early Christmas present. Cybercriminals don’t take a holiday for the Christmas season. They are ruthless and opportunistic.”

“This requires immediate action. Therefore I am calling on all Australian businesses and households to ensure their applications and products are patched and up-to-date, and to follow the ACSC advisories. Even after patching, organisations must continue to monitor to see if any attackers are still lurking in their systems,” Assistant Minister Hastie said.

The ACSC released an updated advisory on Tuesday 21 December 2021, following advice first issued on Friday 10 December 2021.

The ACSC is aware of around 400 vendors who may use this library. These vendors are responsible for some of the most common software globally, including messaging and productivity applications, mobile device managers, teleconference software, web hosting, and even video games. The ACSC is working with a significant number of victims and affected vendors across all sectors of the economy.

Advice and mitigations are available for all Australian organisations at cyber.gov.au.

The ACSC National Hotline 1300 CYBER1 (1300 292 371) is able to provide assistance as required.
