Windows 7 Leaving You Vulnerable

The countdown is on, as Windows 7 is slowly reaching it’s extinction date. But did you know, running an outdated, unsupported platform leaves you at risk and an easier target for cyber criminals.

One area of support which becomes obsolete for Windows 7 on the 14th January, is the issuing of patches to improve security for your operating system. Although this may seem like nothing, it is actually a big part of keeping cyber criminals out.

Don’t believe us? Think back to 2017, when you woke up to the news that the NHS was the latest victim of a cyber attack.

The WannaCry attack caused devastation across the UK by crippling computers, resulting in hackers demanding ransoms in order to unlock them. The week long attack hit around a third of hospital trusts and 8% of GP practices in May 2017.

The hack caused more than 19,000 appointments to be cancelled. The Department of Health estimated that these cancelled appointments cost the NHS £20m alone, whilst the clean up and upgrading of it’s IT infrastructure cost £72m.

At the time of the attack, the NHS was criticised for not having updated its IT infrastructure for 17 years and still ran Windows XP.

The attack was blamed on the North Korean hackers , the Lazarus Group.

The attack originated as a virus, which Microsoft issued a patch to fix the vulnerability in their systems prior to the attack. However, many trusts failed to implement the patch.

The Government issued a report, which stated:

“It is not possible to estimate with certainty the financial impact of the WannaCry attack.

“The estimate considers the financial costs in relation to two broad categories covering two time periods: during the attack between 12th and 18th May 2017, and the recovery period in the immediate aftermath to June-July 2017.

Matt Lock, Director of Sales Engineers at Varonis, said:

“Ransomware, or any cyber attack that has the potential to bring down critical infrastructure, then transitions from being a business issue to a public safety issue.

“Attackers will strike again, whether for profit of to sow mistrust and confusion, and the organisation the public relies on must be prepared.”

What should I do when a patch becomes available?

It is recommended that you patch your operating system within 14 days of the patch being issues.

Having a main administration account which can facilitate this patch is recommended, as it prevents users from delaying the updates and leaving the system open for criminals to exploit.

As mentioned above, patches for Windows 7 will cease to be released from 14th January. Updating your operating platform to a newer version of Windows will help to alleviate this problem, and prevent cyber criminals from finding an easy way into your IT infrastructure.

We also touched on computer healthcare as part of our ’12 Threats of Christmas’ campaign. You can read that article here.