The “worst ever” Internet security breach has been discovered and it affects everything from Amazon and NASA to Minecraft and smart TVs.
Tech companies are reportedly in a state of panic over the vulnerability, which could let hackers take control of almost anything on the Internet.
According to the Seattle Times, staff at Silicon Valley firms have been pulling all-nighters trying to ensure their code is safe. One employee at Google said the company has seen more than 500 engineers having to work overtime to check their software.
The US Cybersecurity director, Jen Easterly, told CNBC that the security loophole, known as log4j, is “the most serious vulnerability I have seen in my decades-long career.”
Essentially, huge sections of the Internet use a chunk of code called log4j. This helps different software log and track past activity.
However, cybersecurity experts have realised that hackers just have to make the program log a line of malicious code and it will execute it, giving hackers control of entire servers.
The reason it is such a big threat is that log4j is one of the most widely used chunks of code across the entire Internet.
It is part of Java, a programming language used by a huge majority of software.
Critically, web giants like Amazon, Google, Microsoft, IBM, and Oracle are affected, which means every single other website or company that relies on their services are at risk too.
That includes Minecraft, most smart TVs, and even NASA’s Ingenuity helicopter on Mars.
The loophole has reportedly been around for years, and has been used by Iranian-backed hackers to try and break into the Israeli government.
The US government has given a deadline of Christmas Eve for fixing the problem, but even if it is fixed in time, hackers could already have worked their way into thousands of apps and services.
To keep yourself safe, don’t open any spam messages or suspicious emails, and update all of your apps to the latest version. Hopefully, this will pass, and we’ll still have an Internet left to enjoy in January.