PCs still running when Windows 7 reaches end of life on the 14th of January will be significantly more at risk of ransomware, Veritas Technologies has warned. According to experts, 26% of PCs are expected to still be running the Microsoft software after support for patches and bug fixes end.

Windows 7 ransomware

The vulnerability to ransomware of PCs running unsupported software was demonstrated by WannaCry. Despite supported PCs being pushed patches for the cryptoworm, Europol estimated that 200,000 devices in 150 countries, running older, unsupported, software became infected by WannaCry. Although just $130,000 was paid in ransoms, the impact to business is understood to have run into the billions of dollars due to lost productivity and lost data.

Microsoft ended mainstream support of Windows 7 in 2015, giving users five years to ready themselves for the software to reach end of life.

Businesses running Windows 7 should prepare themselves in order to avoid the impact that vulnerability to ransomware could have on their organizations. Here are five tips that could help navigate this challenge:

Educate employees – The biggest risk is to data that employees save to unprotected locations. Ensure that users are following best practices for where to save data so that it can be secured and consider running a simulation. Saving valued data to centralized servers, data centers or to the cloud can help reduce risk.

Evaluate risk by understanding your data – For enterprises, insight software solutions can help to identify where key data lives and ensure that it complies with company policies and industry regulations. This is critical not only to identify the challenges but also to prioritize the recovery process.

Run patches whilst you can – According to the Ponemon Institute, 60% of respondents who experienced data breaches did so despite a patch to prevent breaches being available to them. Businesses should at least make sure that they are as up-to-date as they can be whilst they can. Users will also be able to buy “ESUs” from Microsoft to access patches during their migration to newer software.

Ensure that data is backed up – Ransomware relies on the idea that paying a ransom is going to be the only/cheapest way to regain access to your data, yet research shows that less than half of those that pay up are actually able to recover their data from cyber criminals. Veritas advocates the “3-2-1 rule”, where data owners have three copies of their data, two of which are on different storage media and one is air gapped in an offsite location. With an air-gapped data backup solution, businesses have the much safer, and more reliable option, of simply restoring their data.

“WannaCry was a clear example of the dangers that businesses can face when they are using software that has reached end of life. In January 2020, a quarter of all PCs are going to fall into this category so it’s vital that the organizations that rely on Windows 7 are aware of the risks and what they need to mitigate them,” said Ian Wood, Senior Director, EMEA Cloud & Governance Business Practice, Veritas.

“This type of ransomware attack tends to have a disproportionate effect on organizations that can afford ransoms least – for example, we saw high-profile attacks on public sector bodies in 2017. So, it’s critical for those running Windows 7 to act now and put plans in place to ensure that they are able to protect themselves. Organizations need to understand their data and make sure that information is being stored in the right place where it can be protected and made available when needed,” Wood concluded.

Update to Windows 10 – One of the easiest ways to stay safe is to Upgrade to Windows 10 or get a computer with Windows 10 already on it. Friendly Computers can help with either of these options. Come by and visit either of stores and we can help you out. If you have any questions beforehand give us a call and talk to one of our Friendly Technicians.


Why Call A GEEK When You Can Call A FRIEND!


Source: https://www.helpnetsecurity.com/2020/01/07/windows-7-ransomware/