Microsoft warns about Boa web server risks: India is the most affected country

Although the Boa web server has been discontinued back in 2005, a lot of businesses still continue to use the same. Companies continue to use Boa web servers as it is bundled in the software development kit (SDKs) of a product. However, according to the latest report from Microsoft, Boa web server comes with potential risks and it is easy for hackers to target these services. More importantly, Microsoft’s research showed that Indian power companies have faced several attacks because of the web server.

Most recently, Tata Power disclosed a cyber attack by the Hive ransomware group last month. In this case, hackers managed to steal data related to the personal details of employees, which includes details like Aadhaar numbers, PAN card details, and salary information. Microsoft has confirmed that Tata Power was hosted on Boa web servers, which has made it vulnerable and easy to hack due to outdated security protocols. Microsoft claims that over one million devices are still running on the outdated boa web server.

Read more: | Hackers accessed Microsoft source code

The problem is that most Internet of Things (IoT) devices include a Bora web server in their SDKs, which includes the most popular brands like Realtek Semiconductor Corp as well. Further, updating the firmware of an IoT device does not always patch an SDK or an SoC component, points out Microsoft

It recommends patching vulnerable devices whenever possible. Microsoft also recommends using its own Defender External Attack Surface Management system to stay safe from hackers and recommends businesses reduce attacks by eliminating unnecessary internet connections to IoT devices in the network. Lastly, it is recommended to use an anti-virus solution and it is best to configure detection rules to identify malicious activities.