(ANSA) – MILAN, NOVEMBER 24 – Obsolete servers, now retired, represent a concrete problem for those involved in IT security. Intended to put file and folder paths in common use, even by users outside the company, this type of hardware can often be exploited to violate an organization’s information, because it is not protected. And that’s what Microsoft discovered when analyzing a recent attack involving an electricity supplier in India, Tata Power. The cybersecurity division of the American giant has identified a series of compromises that hackers have carried out globally, always affecting the same server, Web Boa, withdrawn in 2005. Although 17 years have passed, Microsoft explains that this type of web server, designed to allow access to files and applications of authenticated employees via the Internet, is still widespread, increasing the risk of intrusion as its cyber defenses are no longer keeping pace with threats.
Microsoft discovered a “vulnerable” component of the server used in the spring by some Chinese state-backed hackers, who allegedly hacked four devices loaded with Web Boa to infiltrate some operational networks. For the company, the risk of similar actions, affecting the energy supply chain and beyond, is high, “such as to affect millions of organizations and devices”. As Microsoft points out, responding to this type of attack is difficult because outdated servers are not a rare occurrence, particularly for companies serving different countries, where infrastructure updates are not always homogeneous. The expert advice is to analyze your machine park, to identify devices with vulnerable components and adopt intrusion detection practices to act immediately. (HANDLE).