Kill it! Kill Windows XP now!

Credit to Author: Steven J. Vaughan-Nichols| Date: Mon, 10 Jul 2017 04:20:00 -0700

The headline — “HMS Queen Elizabeth is ‘running outdated Windows XP’, raising cyber attack fears” — was startling, but wrong. The United Kingdom’s newest aircraft carrier wasn’t running Windows XP. But some of the contractors that built the warship were.

The U.S. Navy, meanwhile, has been purchasing Windows XP support, at least through this year, so odds are our military still has XP systems running to this very day.

To which I can only say: “Just how stupid are you?”

Yes, I follow the adage “If it’s not broke, don’t fix it.” But guess what: XP is broke.

Mainstream XP support ended in April 2014. True, Microsoft has started reissuing general Windows XP patches because of the latest run of ransomware, but do you really think the company is going to continue to cover your rump? I don’t.

I liked Windows XP a lot back in the day myself, but come on, it’s been over three years now, and, truth be told, it was never safe from day one. It’s time to move on up to Windows 7, if not Windows 10.

Enough already. If you’re still running XP, I presume it’s because you have a program that only runs on XP and you’ve been too lazy or cheap to rewrite or replace it. Here’s the thing about that, though: At this point, being lazy is going to result in a lot more work than you ever bargained for, and being cheap is going to get very expensive. It’s time to wake up. The alarm clock is ringing, and it’s ringing for all.

Bite the bullet, and get rid of your old software. If you can’t reprogram it yourself, get someone who can.

If your vendor doesn’t have a new version, ask yourself what you’re doing with software from a company that hasn’t updated its product for over three years. It’s not like we didn’t know XP was coming to an end. Microsoft told us over and over again that XP would no longer be supported. By using out-of-date programs on top of an obsolete operating system, you’re just asking for a disaster.

Disaster has already hit many businesses. The U.K.’s National Health Service (NHS) hospitals were still running XP when the WannaCry ransomware came calling this spring. A lot of NHS facilities were knocked out. Coincidence? I don’t think so!

We don’t know how many other businesses have been knocked out by WannaCry, Locky, Petya and other ransomware programs. Companies don’t like admitting they’ve been hacked.

What we do know is that FedEx, Nissan, Hitachi and Renault were all hit by WannaCry. We know that ransomware took in a billion bucks last year from its victims. That’s only the tip of the iceberg. Thousands of businesses and institutions were successfully attacked.

In all fairness, it’s not just Windows XP. The recent run of ransomware was largely caused by businesses that simply didn’t bother to patch their existing “up-to-date” Windows systems.

I get it. You don’t want to patch your operating system only to find that your mission-critical program or device no longer works. But that argument loses its punch when Windows is being smashed by ransomware.

The newest attack programs only need one vulnerable PC to get in, and then they can wreak havoc all over your network.

You have no choice but to secure your network by patching the operating system as soon as patches come out. Attack programs using zero-day bugs have become as common as cockroaches.

So enough waiting around. Get rid of XP. Move up to Windows 7. Patch your Windows system as soon as possible. Heck, consider moving to Linux.

Today’s Windows malware won’t just mess up your day; it can destroy your business. Security is now job one for any companies relying on Windows.

http://www.computerworld.com/category/security/index.rss