As we saw over the summer with the Colonial Pipeline ransomware attack, hackers are constantly looking for cybersecurity vulnerabilities. Airlines remain a prime target, particularly with the new log4j loophole.
Airlines Hit With Barrage Of Attempted Log4j Cyberattacks
In a memo to employees, Linda Jojo, United’s Executive Vice President of Technology & Chief Digital Officer, shares that over the last 10 days, United’s cybersecurity team has detected and stop over 105,000 attempts to hack into United’s systems using the log4j vulnerability.
Log4j is a Java-based logging utility that helps applications keep track of their past activity. It was recently discovered that by inserting malicious code, log4j would essentially run with it, executing it in a manner which allowed servers to be infiltrated.
While such software vulnerabilities are fairly common, the ubiquitous nature of this software makes it a huge deal. Companies, governments, and platforms around the world rely on it, creating a particularly acute vulnerability.
As companies race to add patches, hackers race to break in. This even implicates international relations, as Iranian hackers have purportedly used log4j to attempt to penetrate critical networks in Israel.
In the case of United or other airlines, had hackers been successful they could have crippled operations by installing ransomware to extract cyber currency in exchange for unlocking systems or refusing to release personal informations mined from company servers.
United’s tech team has been working around the clock to add patches, risking a disruption during the busy travel season in order to avoid a potentially even more wide scale and expensive disruption. Jojo remarked that while such patches would normally not take place until after the holidays, United saw no alternative than to risk it.
The patches were a success, with 171 core systems updated over the weekend with only limited and short (3-4 minutes) disruptions to systems.
Cyberattacks are nothing new and hardly limited to airlines (indeed, even Live and Let’s Fly employees robust defenses to fend off thousands of attempted cyberattacks each day). Still, airlines have been left open to log4j attacks and United has worked around the clock to patch up its systems in order to avoid disruptions, data loss, or even a total takeover of critical operations.
“United’s cybersecurity team has detected and stop over 105,000 attempts to hack into United’s systems using the log4j vulnerability.”
People that work in cybersecurity love making statements like this implying this number of individuals try to breach their system. In reality, the vast majority of these were from bots scanning the internet for systems with the vulnerability and were not targeted at United.
I think “ Java-based login utility” should be “ Java-based logging utility”?