Indian Energy Organizations Breached via Vulnerabilities in Discontinued Boa Servers

This new research from Microsoft highlights two of the main issues that plague the cybersecurity industry – legacy software/hardware and the Internet of Things.

First, we’ll touch on legacy software/hardware. Legacy software/hardware is old software or hardware that is still in use within an environment. In this case, the breached companies were likely using it unknowingly because it was embedded in third-party devices, but legacy software/hardware is something most large corporations have in their environment because there is no recent replacement for their own applications. This software/hardware often becomes vulnerable as it ages without updates, which can leave the environment as a whole vulnerable.

While legacy software/hardware was responsible for the breach in this case, the larger issue challenging the cybersecurity industry is the Internet of Things (IoT). In simple terms, the Internet of Things is a network of physical objects that are not computers/servers but are connected to the internet, such as cameras, smart TVs, smart thermostats, etc. As was seen in this breach, these devices are often not made with security in mind and are often not the most up to date. As IoT devices become more and more prevalent in enterprise environments, they create a greater number of potential attack vectors for a threat actor, making the environment less secure.

As an organization, it is best practice to attempt to decommission legacy software/hardware wherever possible, either finding similar current solutions or rotating it out entirely in favor of something completely new. It is also advised to properly vet and test any new devices that are going to be connected to the network, and to ensure they are properly configured with the least amount of privilege possible.

https://www.bleepingcomputer.com/news/security/hackers-breach-energy-orgs-via-bugs-in-discontinued-web-server/