Cyber Security threat,US warns the world

COLOMBO (News 1st); Senior executives from major US corporations were warned of a grave cyber security threat, which is a newly discovered software vulnerability that could potentially put hundreds of millions of devices across the world at risk.

The vulnerability is in Java-based software known as "Log4j" that major firms, including some of the world's biggest tech firms, use to log information their applications.

This software flaw provides hackers with easy access to the organization's main computer severs, where they can devise other methods to illegally access the system on the company's network.

Top tech giants like Amazon Web Services and IBM have taken immediate steps to address the bug in their products.

 Major tech firms are on an uphill battle, trying to contain the fallout of the incident as hackers are widely exploiting this software flaw, posing a great threat to data security on the cyber realm.

Moreover, US officials warned  industry executives over a phone call, stressing the significant consequences of this serious cyber threat.

It's the starkest warning yet from US officials, about the software flaw since news broke late last week, that hackers were using it to try to break into organizations' computer networks.

"This vulnerability is one of the most serious that I've seen in my entire career, if not the most serious," ,Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency (CISA), said in a phone briefing attended by major financial firms and heath care executives.

Chinese-government linked hackers have already begun using the vulnerability, according to Charles Carmakal, Senior Vice President and Chief technology Officer for cybersecurity firm Mandiant.

To address the issue, CISA said it would set up a public website with information on what software products were affected by the vulnerability, and the techniques that hackers were using to exploit it.

However, hackers had more than a week's head start on exploiting the software flaw, before it was publicly disclosed, according to cybersecurity firm, Cloudflare.

Organizations are now in a race against time to figure out, if they have computers running the vulnerable software that were exposed to the internet. Cybersecurity executives across US government and industry are working around the clock to counter this issue.