Hackers target Boa, a web server that was shut down in 2005. Microsoft warns that millions of IoT devices are potentially at risk as a result.
In a blog, Microsoft warns against the use of outdated web components in today’s IoT devices. Specifically, they refer to Boa, an open source web server that was discontinued in 2005. So, despite no updates and patches for 17 years, Boa components are still prevalent in SDK tools for smart devices today.
This logically compromises the security of IoT devices. Boa is packed with vulnerabilities that allow hackers to perform remote code execution on smart devices and access the IoT network through the device to steal information. Sellers of IoT devices often appear to be insufficiently aware of vulnerabilities in the software, as a result of which patches are not rolled out or are rolled out too late.
Millions of IoT devices at risk
Microsoft maps the distribution of Boa. India is particularly notable, where Boa has already acted as a vector for a series of cyber attacks on critical infrastructure, presumably on behalf of the Chinese government.
But this snake crawls where it can go, because Microsoft’s analyzes show that millions of IoT devices worldwide contain traces of Boa. This threatens the stability of the global supply chain.
To avoid this, IoT suppliers must have a clear overview of all components in the devices and the network. This allows them to identify and phase out potential risk factors such as Boa to minimize the attack area.
Microsoft also recommends extending risk detection beyond the firewall and making virus scanners more proactive. This should bring vulnerabilities to light more quickly, so that they can also be patched more effectively.