Zoho ServiceDesk

2021: Software vulnerabilities installed at 165 industrial facilities in Russia

As it became known on December 7, 2021, about 165 industrial facilities in Russia use outdated software that is easy to hack. We are talking about the ServiceDesk Plus system created by Zoho.

According to Kommersant, citing a study by Palo Alto Networks, software versions 11305 and below are vulnerable. To protect them, on November 22, 2021, the manufacturer released an update, but two weeks later 2.9 thousand systems around the world remain vulnerable.

Using a bug, attackers over the past three months have hacked computer networks of at least 13 organizations in the field of technology, energy, health, education, finance and the defense industry.

165 industrial facilities in Russia use the old Indian software Zoho ServiceDesk, which is easy to hack]]

Palo Alto Networks believes that the APT27 hacker group is behind the attacks. According to Positive Technologies, the group has Asian roots, has been operating since at least 2010.

Service Desk software is used at Russian critical infrastructure facilities, including in the defense and nuclear industries. Kirill Chekhankov, head of IT solutions at Konica Minolta Business Solutions Russia, told the publication that the product's vulnerability is very critical, since it allows unauthorized access to user data. Anton Fedorov, commercial director of ITSM 365 (Naumen Group of Companies), agrees with him: Service Desk systems often contain a lot of confidential information related to business and transactions.

Even in our time, a large number of adherents of the principle "works - do not touch," said Sergey Nenakhov, head of the information security audit department at Infosecurity a Softsound.

He explained that since sometimes updating software can lead to failures in the work of different parts, IT Infrastructure system administrators are in no hurry to change something.^[1]

Notes