Using Server OS Updates to Prevent Cyber Attacks
Is your company still using an outdated server OS? Your obsolete server OS may not be broken, but this can put your company in danger of losing resources as a result of cyber attacks.
In House Server
Your in house server shapes your business operations. All office computers, printers, scanners, internet access and other office equipment are linked to it. All software tools shared by employees, such as accounting program and customer relationship management software, are linked to it. All digital files of your company are stored in it.
With an in house server, new software or changes across the network can easily be rolled out. For instance, a server can update every computer on the network at the same time. There is no need to open each computer and install the updates one by one.
Whatever happens to the server has repercussion to all other office functions.
A server operating system, also known as server OS, is an operating system that is specifically meant for your company’s server. This OS facilitates typical server roles, including application server, file server, print server, e-mail server and database server.
An outdated server OS refers to unsupported and unpatched server operating system. An unsupported OS is one that no longer receives security updates from its maker. An unpatched OS, meanwhile, is one where the latest patch or security update has not been applied.
Outdated Server OS Succumbs to Cyber Attacks
An out-of-date server OS runs the risk of cyber attacks. Here are two dangers of failing to update a server OS:
1. WannaCry: Danger of Unsupported Server OS
An example of a then unsupported server OS was Windows Server 2003. This server OS was released by Microsoft in 2003. The tech giant initially ended its regular security updates for Windows Server 2003 on July 14, 2015. Microsoft resumed providing security updates for Windows Server 2003 after the WannaCry cyber attack.
WannaCry is a ransomware that affected hundreds of thousands of computers worldwide. A ransomware is a type of malicious software, also known as malware, that infects and blocks access to a computer until a sum of money is paid. WannaCry attackers asked between $300 to $600 to be paid in Bitcoin. This ransomware was first observed on May 12, 2017.
The still unidentified perpetrator or perpetrators of WannaCry were able to infect hundreds of thousands of computers worldwide by exploiting Microsoft operating systems that were then unpatched and unsupported.
Months before the WannaCry ransomware attack, Microsoft was already aware of the vulnerability exploited by WannaCry. On March 14, 2017, it issued a critical security update that particularly blocks this malicious software. The security update against this particular malware was not, however, made available to Windows Server 2003 users. As a result, companies running Windows Server 2003 succumbed to WannaCry. Hours after WannaCry was spread into the wild, Microsoft issued a security update for Windows Server 2003 to prevent further WannaCry attack.
The WannaCry ransomware attack shows the importance of an up-to-date or supported server OS.
2. Cryptocurrency Mining Malware: Danger of Unpatched Server OS
An example of a malicious software that exploited unpatched server OS is the vulnerability in Windows Server 2003 code-named “CVE-2017-7269 “. This vulnerability was first seen in the wild on May 26, 2017.
An attacker who successfully exploits this vulnerability in Windows Server 2003 could gain the same user rights as the in house server administrator – meaning, the attacker could do whatever he or she wants once inside the server.
On June 13, 2017, days after this Windows Server 2003 vulnerability was publicly known, Microsoft issued a patch or security update for Windows Server 2003 to block attackers from exploiting this specific vulnerability. But months after Microsoft issued the June 13, 2017 security update, servers running on Windows Server 2003 were still exploited for failing to apply the patch.
According to ESET, over the course of three months in 2017, crooks got away with $63,000 for exploiting the vulnerability that was subject of the June 13, 2017 Windows Server 2003 update. Attackers, ESET said, infected unpatched servers running on Windows Server 2003 with a cryptocurrency mining malware – a type of malicious software that installs crypto mining software on servers owned by organizations.
Attackers in the case presented by ESET turned hundreds of servers owned by several organizations into a botnet – a zombie army of hijacked servers infected with cryptocurrency mining malware and remotely controlled by the attackers.
While it is legal to install crypto mining software on one’s own server, it is illegal to install one in another without the knowledge and consent of the server owner.
A crypto mining malware illegally installed and concealed in your organization’s server is particularly damaging as business processes suffer because data processing speeds fall dramatically. A concealed crypto mining malware in your organization’s server also increases the wear and tear, as well as increases power consumption.
“And by turning these machines into zombies, cryptocurrency malware can even inadvertently make its victims part of the problem,” Trend Micro said. “Information theft and system hijacking are also daunting repercussions. These attacks can also be the conduit from which additional malware are delivered.”
Importance of OS Update
The WannaCry ransomware and the cryptocurrency mining malware are just two of the many malicious software that are used by cyber criminals to target outdated server OS. Attackers scour the internet on a regular basis to victimize out-of-date server operating system. It is, therefore, important to keep your organization’s server OS up-to-date.
“Keeping your computers up-to-date gives you the benefits of the latest features and proactive mitigations …,” Microsoft said.
At GenX, we offer server OS update services to improve the performance and security of your Windows servers. Our server OS update services include:
- On-site physical deployment of server equipment
- Setup of new operating system on company server, or upgrading previous ones
- Implementation of virtual spaces for increased server operation efficiency
- Testing and verification of system data post-upgrade
Call us today at (416) 920-3000 to ensure that your infrastructure is up to date, and is well protected and managed.