Hackers are utilizing a discontinued web server to launch attacks on energy grid infrastructure, Microsoft has warned, with the initial attack discovered on the Indian grid, carried out by Chinese hackers.
According to the software giant, the Boa server was used in routers, security cameras and popular software development kits. While Boa was technically retired in the early 2000s, it is still widely used in various devices, TechCrunch reported.
Microsoft announced this week that it had identified one million internet-exposed Boa server components around the world in a single week. The company warned that the components represent a “supply chain risk that may affect millions of organizations and devices.”
“Without developers managing the Boa web server, its known vulnerabilities could allow attackers to silently gain access to networks by collecting information from files,” Microsoft said.
“Moreover, those affected may be unaware that their devices run services using the discontinued Boa web server, and that firmware updates and downstream patches do not address its known vulnerabilities.”
Power grids, as critical infrastructure, are high-value targets for hackers.
Earlier this year, the Department of Energy began work on shoring up the defenses of the U.S. grid along with supply chain suspecting state-sponsored actors from Russia and China might target the infrastructure.
We really need to do a lot more,” Puesh Kumar, director of the Office of Cybersecurity, Energy Security, and Emergency Response, told Bloomberg in March. “The energy sector is a very complex machine composed of a lot of different components, a lot of different players—and we really need to raise the security of all of them.”By Charles Kennedy for Oilprice.com
By Charles Kennedy for Oilprice.com
More Top Reads From Oilprice.com: