A recent report from the technology company Microsoft claims that hackers are exploiting vulnerabilities in very old software to attack companies in the energy sector.
An open source web server named “Boa”, suited to embedded applications and discontinued since 2005, is now becoming a security threat because it is built into Internet of Things (IoT) devices that are being used to attack these companies.
According to Microsoft, a vulnerable Boa component has allowed hackers to break into certain routers and security cameras, as well as software development kits (SDKs), sets of tools that allow developers to write or use an existing framework to develop applications for a platform.
In total, there is talk of a million exposed Boa server components around the world in just one week.
This is how a piece of software from 2005 is used to hack IoT devices
Microsoft’s initial discovery of the vulnerable component came while investigating a suspended intrusion into the Indian power grid in 2020. This followed a report published in February 2021 by a company specializing in such threats, which added that the attackers are likely a Chinese state-sponsored hacking group known as RedEcho.
In April 2022, a new report was also released describing attacks by another Chinese group using IoT devices to penetrate operational technology (OT) networks, which are used to monitor and control infrastructure.
“Exploiting these flaws can allow an attacker to gather information about network assets before launching attacks and gain access to a network undetected by obtaining valid credentials,” says Microsoft.
Microsoft has already warned that mitigating these Boa flaws is difficult and recommends that organizations and network operators patch vulnerable devices when possible, in addition to protecting themselves against this attack.
Of course, Microsoft has also warned about the risk to the supply chain posed by flaws in IoT components, as it continues to witness attacks targeting Boa vulnerabilities.