Microsoft support for Windows XP officially ended today (8th April, 2014). By now you should have upgraded, but what can you expect if you haven’t?
First, here’s a handy website that is designed to tell you if you are still running Windows XP – amirunningxp.com
So, if you are, what can you expect?
Threats to expect against Windows XP
The types of attacks that we expect to target Windows XP systems after April 8th, 2014 will likely reflect the motivations of modern-day attackers. Cyber-criminals will work to take advantage of businesses and people running software that no longer has updates. Over time, hackers will evolve their malicious software, malicious websites, and phishing attacks to take advantage of any newly discovered vulnerabilities in Windows XP, which after April 8th will no longer be fixed.
Here’s a list of risks that Windows XP based systems might encounter over time, along with some guidance to help small businesses temporarily protect themselves against cyber attacks while moving to a modern operating system:
RISK #1: WORMS WILL USE ANY NEWLY DISCOVERED VULNERABILITIES TO ATTACK WINDOWS XP:
Malware creators will likely integrate new vulnerabilities targeting Windows XP into malware that tries to multiply. The success of the virus named Conficker in infecting systems in enterprise environments illustrates that firewalls and strong password policies are still not comprehensively used. Organizations that continue to run Windows XP after support ends should be on guard for this type of threat in their environment, which is typically introduced into systems by infected USB drives in an attempt to get past firewalls.
Review any firewall exceptions you allow in your environment, and keep only the exceptions in your firewall rules that you really need. Follow the guidance under Risk #4 to limit removable drive use on Windows XP systems. Use strong passwords on your systems that can’t be easily guessed.
RISK #2: SURFING THE INTERNET:
New exploits for Windows XP will likely be added to cyber-security exploit kits that are sold/leased to attackers. Exploit kits make it easy for professional and novice attackers alike to build malicious websites that try to install malware on systems that visit those sites. Surfing the Internet on Windows XP based systems after April 8th, 2014 will become more risky as new exploits for Windows XP are distributed among attackers via exploit kits.
Since browsing the Internet is a risky proposition on out-of-support systems like Windows XP after April, small businesses should limit where they go on the Internet to help manage the risk. Limiting the specific websites these systems can reach, or simply not using Windows XP systems to connect to the Internet, will reduce the probability of compromise via a malicious website. Important note: Changing browsers won’t mitigate this risk as most of the exploits used in such attacks aren’t related to browsers.
RISK #3: OPENING EMAIL AND USING INSTANT MESSAGING (IM):
Many attacks start with a well-constructed phishing attack via email. The email will likely contain the Internet address (also known as a URL) of a malicious website that has been constructed for unsupported Windows XP based systems. The email could also have a specially crafted malicious attachment that, when opened, exploits an unpatched Windows XP vulnerability, potentially giving attackers control of the system. Attackers have also used Instant Messaging (IM) to deliver malicious URLs and attachments. Opening email or using IM on Windows XP based systems after April 8th, 2014 will become more risky as new exploits for Windows XP may be integrated into phishing attacks, malicious emails and IMs.
Malicious e-mail messages are a very common tactic attackers use to gain entry to systems. Given this, it would be prudent to avoid using Windows XP systems to send or receive email. Avoid clicking on links or opening attachments sent via email or IM. Important note: Using a different email or IM program likely won’t mitigate this risk as these attacks are typically in the content of the messages themselves, not a vulnerability in a specific email or IM program.
RISK #4: USING REMOVABLE DRIVES:
Attackers can attempt to use USB drives and other types of removable drives to distribute malware that seeks to leverage new vulnerabilities in Windows XP to compromise systems.
This is a common way that Windows XP systems get infected with malware. Some customers have decided to physically block access to USB ports on systems in their organizations in an attempt to block this type of threat. Connecting removable storage devices to Windows XP systems should be avoided. More information is available in this article: Defending Against Autorun Attacks.
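One software-side way to limit removable drive use, shown here as an added example that is not part of the original article: a batch script, run from an administrator command prompt, that reports and then sets the registry values controlling Autorun (`NoDriveTypeAutoRun`) and the USB mass-storage driver (`USBSTOR`). It assumes USB storage is not needed on the machine at all.

```bat
@echo off
rem Added example: audit and tighten removable-drive handling on Windows XP.
rem Assumption: this machine never needs USB storage devices.

set EXPLORER=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
set USBSTOR=HKLM\SYSTEM\CurrentControlSet\Services\USBSTOR

echo == Current settings ==
reg query "%EXPLORER%" /v NoDriveTypeAutoRun 2>nul || echo NoDriveTypeAutoRun is not set
reg query "%USBSTOR%" /v Start 2>nul || echo USBSTOR Start value not found

echo == Applying settings ==
rem 255 (0xFF) turns Autorun off for every drive type, removable drives included.
reg add "%EXPLORER%" /v NoDriveTypeAutoRun /t REG_DWORD /d 255 /f
if errorlevel 1 (
    echo Failed to set NoDriveTypeAutoRun - are you running as an administrator?
    exit /b 1
)

rem Start=4 disables the USB mass-storage driver; 3 is the normal on-demand value.
rem The key only exists once a USB drive has been plugged in at least once,
rem so check for it first instead of creating a partial service entry.
reg query "%USBSTOR%" >nul 2>&1
if errorlevel 1 (
    echo USBSTOR key absent: no USB storage driver installed yet, nothing to disable
) else (
    reg add "%USBSTOR%" /v Start /t REG_DWORD /d 4 /f
    if errorlevel 1 exit /b 1
)
echo Done. Log off and on again for the Autorun change to take effect.
```

USB keyboards and mice are unaffected, since only the mass-storage driver is disabled; setting `Start` back to 3 restores USB drive access.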
RISK #5: RANSOMWARE:
We have seen a large uptick in ransomware in recent years. Attackers use this type of malware to extort users into paying them to decrypt files that the malware has encrypted on their system, or to unlock the system’s desktop. After April 2014, attackers will likely attempt to use unpatched vulnerabilities on Windows XP based systems to distribute ransomware. This type of attack can have a crippling impact on small businesses and consumers that lose access to important data or systems.
Restoring data from backup is a good way to recover from a ransomware infection. More frequent backups of data stored on Windows XP systems or that Windows XP systems have access to, would be prudent after April.
So What Should You Do?
The guidance above provides suggestions towards managing some of the risks of running Windows XP post April 8. However, the primary thrust of our advice is clear:
The best option is to migrate to a modern operating system like Windows 7 or Windows 8, which have a decade of evolved security mitigations built in and will be supported after April 8, 2014.
For customers considering upgrading a device designed to run Windows XP, we recommend purchasing modern hardware – from touch laptops to tablets to all-in-ones – to take full advantage of the features and touch-based user interface available in Windows 8 or later systems. Modern devices are not only faster and have greater performance than devices running older operating systems, but come with greater security features, new and improved networking tools for when you’re on the go, modern apps and more. If a customer wants to upgrade an existing machine to a later OS, upgrade activities depend on what current operating system is on the machine, and the capabilities of that hardware.
- Computers running Windows 8 can be updated to Windows 8.1 via the Windows Store (for consumers) or using media (for larger organizations with volume licensing).
- Computers running Windows 7 can be upgraded to Windows 8 using media, then updated to Windows 8.1 (using the process above).
- Computers running Windows XP cannot be upgraded in-place to Windows 7, Windows 8, or Windows 8.1. A clean install is necessary, although user data can be migrated.
Before you upgrade, check software compatibility
Before you rush out to buy new computers or upgrade the OS on your computers, it’s very important to do a few checks.
- First of all, make sure all your current software and data will work with the new version of Windows you choose. Some older software packages don’t play nicely with newer versions of Windows.
- Pay particular attention to business-critical applications, like your customer database or accounting software.
- If you find software compatibility is going to be a problem, consider upgrading that software too, or switching to a different package.
If you are unsure about your current situation or would like to talk about a managed migration package for your business please do not hesitate to get in touch.