Hackers are using an abandoned web server to launch attacks on energy grid infrastructure, Microsoft has warned, with the initial attack discovered on the Indian network being carried out by Chinese hackers.
According to the software giant, the Boa server was used in popular routers, security cameras and software development kits. Although Boa was technically retired in the early 2000s, it is still widely used in various devices, TechCrunch reported.
Microsoft announced this week that it had identified one million Internet-exposed Boa server components worldwide in a single week. The company warned that the components represent a “supply chain risk that could affect millions of organizations and devices”.
“Without developers managing the Boa web server, its known vulnerabilities could allow attackers to silently gain access to networks by gathering information from files,” Microsoft said.
“Additionally, affected individuals may be unaware that their devices are running services using the deprecated Boa Web Server, and that firmware updates and downstream patches do not address its known vulnerabilities.”
Power grids, as critical infrastructure, are high-value targets for hackers.
Earlier this year, the Department of Energy began are working to bolster US network defenses as well as the supply chain on suspicion that Russian and Chinese state-sponsored actors may be targeting infrastructure.
We really need to do a lot more,” said Puesh Kumar, Director of the Office of Cybersecurity, Energy Security and Emergency Response. Told Bloomberg in March. “The energy industry is a very complex machine made up of many different components, many different players – and we really need to strengthen the security of each of them.”By Charles Kennedy for Oilprice.com
By Charles Kennedy for Oilprice.com
More reading on Oilprice.com: