In this article, you will get all the information regarding Microsoft says hackers attacking energy grids using decades-old software
– Advertisement –
Microsoft said this week that the technology, which was discontinued in 2005, is still widely used and poses threats and vulnerabilities to the power grid and the petroleum industry.
According to the tech giant, malicious hackers are gaining access to secure networks and devices through common Internet of Things or IoT devices before deploying payloads.
Microsoft said it looked at a report published by Recorded Future that was published in April 2022 that detailed a suspected electrical grid intrusion in India and found a common component that is vulnerable – the Boa web server.
– Advertisement –
Security experts reveal the TikTok setting that exposes your data – and how to turn it off
Boa servers are used to access settings, management consoles, and sign-in screens on devices, Microsoft said, and despite being discontinued in 2005, they are implemented by vendors.
The Boa vulnerability allows hackers to gain access to a network by collecting data from files.
When Microsoft looked into the Recorded Future report, it found that the Indian incident was one of several intrusion attempts to gain access to infrastructure in the subcontinent. The most recent attack was in October 2022.
Fear of China’s tech manipulation a threat to all: UK spy chief
Some of the information obtained in the Indian Energy hack included sensitive employee information, financial records, client records, engineering drawings and private keys.
What all of the IP addresses evaluated by Microsoft had in common was that they were all running Boa servers. Another analysis found that 10% of IP addresses returned connections to important industries, such as the petroleum industry.
These same IP addresses were linked to IoT devices, such as routers that had unpatched vulnerabilities.
“Microsoft sees attackers attempting to exploit Boa vulnerabilities,” the tech company said. “The popularity of the Boa web server is of particular concern because Boa has been formally discontinued since 2005.”
Microsoft said that within a week, its Defender Threat Intelligence platform found more than 1 million Internet-exposed Boa server components worldwide.
The largest share of those components was in India, while the US, Brazil and South America also showed large numbers.
To address these vulnerable components, Microsoft suggested organizations and network operators patch vulnerable devices and, if possible, find devices with vulnerable components and add measures to identify and detect malicious activities.
Microsoft says hackers attacking energy grids using decades-old software
Latest News by ReportedCrime.com