When Microsoft pulls support for Windows 7 in 2020, nearly a half of all Windows PCs will be vulnerable to cyber attack
By Tim Gibson
There are two words that, if mentioned in the same sentence, generally incite a negative reaction. They are, unfortunately, “NHS” and “IT”.
...users will no longer benefit from regular security updates, bug fixes and technical support. |
For all its undisputed brilliance, our health service doesn’t get on with computers. Remember the ill-fated National Programme for IT (NPfIT): a seven-year programme that was supposed to revolutionise IT and telephony in the NHS by delivering greater connectivity and uniformity, but actually led to inefficiency and huge waste.
Perhaps the most high profile IT-related failure for the NHS was in 2018, when it was subjected to a cyber attack that cost something in the region of £92m. The Wannacry hack hit computers across the globe. It affected about 1pc of the NHS’s care and led to 19,000 appointment cancellations because healthcare providers couldn’t access their systems.
Wannacry was a ransomware attack. Users of affected computers would see a message informing them that they’d been hacked, and needed to pay a ransom to free their machine.
The fascinating thing is that, had the NHS paid to upgrade its operating system from Windows XP, it wouldn’t have been vulnerable to the attack.
XP was 17 years old in 2018, and Microsoft had withdrawn support for the system. That meant it was vulnerable to cyber attack, because updates were no longer issued to protect from the latest threats. Following the Wannacry attack, the NHS spent £150m upgrading its technical infrastructure – including an upgrade to Windows 10.
The NHS learned its lesson the hard way about the need to upgrade software so that it is always protected. But something like 46.1pc of the UK’s PCs will become vulnerable to a similar attack in January 2020, unless they are upgraded from Windows 7.
“If your organisation is deemed responsible for a data breach, it can face fines of up to €20m,..." |
The reason is simple: as it did with XP, Microsoft is withdrawing support for Windows 7. The process is called “End of Life” and, as IT specialist Lucid Systems makes plain, it means that users will no longer benefit from regular security updates, bug fixes and technical support.
“There is nothing to stop users sticking with Windows 7 after January 2020,” explains Just Recruitment director and former IT consultant Peter Foy. “The system will still work, although it will become increasingly buggy over time. But the real risk is in relation to cyber security: with no protection against the latest threats, computers running Windows 7 will be highly vulnerable to a security breach. As the NHS’s Wannacry experience makes plain, that can be very costly indeed.
“In an age of GDPR, the risks of leaving yourself open to a cyber attack go beyond service disruption,” Mr Foy continues. “If your organisation is deemed responsible for a data breach, it can face fines of up to €20m, or 4pc of turnover (whichever is higher). What’s more, the reputational cost can be severe, and take a long time to recover from, as the NHS found out.”
For Windows 7 users, therefore, the choice is plain: upgrade by 14 January 2020 (the date when support is withdrawn), or leave yourself open to a devastating attack.
As Mr Foy concludes: “When you put it like that, there’s hardly a choice to be made at all.”
Published: 25 April 2019
© 2019 Just Recruitment Group Ltd
If you enjoyed this article, you may like to read – Ten of the most common “neuromyths”
You may also like – The future of work