IT security experts are sounding the alarm about a vulnerability that threatens internet servers across the board.

The Federal Office for Information Security (BSI) raised its warning level for the vulnerability from orange to red on Saturday.

Among the reasons it gave: attack attempts are being observed around the world, some of which have been successful.

"The extent of the threat situation cannot currently be conclusively determined."

The vulnerability lies in a widely used library for Java software.

It may allow attackers to execute their own software code on the servers.

For example, they could use this to run their malware there.

The vulnerability is limited to a few versions of the library called Log4j.

However, nobody has a full overview of where the endangered versions of Log4j are being used.

Software updates should be installed

"At the moment it is not yet known in which products this library is used, which means that it is not yet possible to estimate at this point in time which products are affected by the vulnerability," said the BSI.

"If the manufacturers provide updates, these should be installed immediately," the office advised service providers.

Log4j is a so-called logging library.

Its job is to record various events during server operation, as in a logbook, for example so that errors can be evaluated later.

The vulnerability can be triggered simply by having a certain string of characters saved to the log.

This makes it rather easy to exploit, which has caused great concern for experts.

The problem was noticed on Thursday on servers for the online game "Minecraft".

IT security companies and Java specialists worked over the weekend to plug the vulnerability. An update is now available for the affected versions of the open source Log4j library. However, its protection only takes effect once service providers install it. That is why the firewall specialist Cloudflare built in a mechanism for its customers to block attacks. Experts warned that it is not just online systems that are at risk. A QR scanner or a contactless door lock could also be attacked if they use Java and Log4j, Cloudflare emphasized.

The IT security industry saw itself in a race with online criminals, who for their part are automatically searching for vulnerable servers.

"At the moment the priority is to find out how widespread the problem really is," said Rainer Trost of the IT security company F-Secure.

"Unfortunately, not only security teams, but also hackers work overtime to find the answer." For now, attackers might only use the hole to build inconspicuous backdoors for themselves, Trost warned.

"The actual attacks will certainly not take place until weeks or many months later."