The FBI Cyber Division has released a Private Industry Notification (PIN) urging businesses that still run Windows 7 to move to a supported operating system, because vulnerabilities identified in Windows 7 are likely to be exploited now that the system no longer receives security updates.
The FBI has observed that cyberattacks against an operating system increase once it reaches end of life. Any company that continues to use Windows 7 is at greater risk of cybercriminals gaining remote access to its network, because new vulnerabilities keep being discovered while security updates are no longer issued for them.
Windows 7 reached end of life on January 14, 2020. Since then Microsoft has stopped releasing free patches for newly identified vulnerabilities. Microsoft now provides security updates only for Windows 7 Enterprise, Professional, and Ultimate, and only to customers enrolled in the Extended Security Update (ESU) program, which runs until January 2023. The cost of ESU rises each year a customer stays in the program. Although ESU customers still receive security updates, both the FBI and Microsoft strongly recommend upgrading from Windows 7 to Windows 10 or another supported operating system.
Upgrading an operating system is not easy. It may require buying new hardware, and new software has a price tag, but that cost is small compared with the cost of losing intellectual property and the risk of continuing to run an unsupported operating system.
Many companies around the world still run Windows 7 on some of their Windows devices. Statcounter data show that about 20% of all Windows devices still run Windows 7, even though free security updates are no longer issued. An open-source report published in May 2019 found that 71% of Windows devices used in healthcare ran Windows 7 or another operating system that became unsupported in January 2020. The FBI cautioned that healthcare organizations see more successful cyberattacks once their operating systems reach end of life.
The FBI said cybercriminals are looking for ways into legacy Windows operating systems in order to use Remote Desktop Protocol (RDP) exploits. In May 2019, after the BlueKeep vulnerability (CVE-2019-0708) in Remote Desktop Services was disclosed, Microsoft released patches for all supported operating systems and, to head off a WannaCry-style worm, also for the unsupported Windows XP and Windows Server 2003. Working exploits have since been developed, and attacks on unpatched Windows devices continue to this day.
Vulnerabilities will keep being identified and exploited in unpatched operating systems. When Microsoft released the MS17-010 patch for several SMBv1 vulnerabilities in March 2017, many companies failed to apply it despite the high risk of exploitation. In May 2017 the WannaCry ransomware began spreading through those unpatched SMBv1 flaws, and roughly 98% of the systems it infected were running Windows 7.
With a supported OS, patches for newly discovered vulnerabilities are made available as soon as the vendor releases them. Running a supported OS is the single most important step toward better security.
Defending against cybercriminals requires a multilayered strategy, including validating the software present on each system and reviewing access controls and network configurations.
Beyond modernizing the operating system and applying patches promptly, companies should run antivirus software, use spam filters, and deploy firewalls, all properly configured and kept up to date.
Network configurations should be reviewed and out-of-date systems identified. The FBI also recommends auditing which systems use RDP, disabling unused RDP ports, enforcing two-factor authentication wherever possible, and logging all RDP login attempts.
Any Windows 7 device that can neither be upgraded nor isolated should at least be blocked from accessing the Internet, and the company should enroll in Microsoft's ESU program.
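As an added example (not part of the FBI notification or of any Microsoft tool), the following Python script shows how the inventory and RDP-logging recommendations above can be turned into a concrete check. It takes an exported set of Windows Security logon events (event 4624 = logon succeeded, 4625 = logon failed; LogonType 10 is how RDP logons appear) together with a host inventory, and reports brute-force bursts, successful logons that follow a run of failures, and RDP attempts from outside the network against hosts still on Windows 7 (OS version 6.1). The export layout, hostnames, accounts and addresses are constructed for the example; the public addresses use the RFC 5737 documentation ranges.

```python
"""Audit exported RDP logon events: brute force, success-after-failure,
and RDP reaching end-of-life Windows 7 hosts from outside the network.

Added example, not from the FBI notification. Assumptions: the tuple
layout below is a constructed export of Windows Security events 4624
(logon succeeded) / 4625 (logon failed); LogonType 10 (RemoteInteractive)
marks RDP logons; Windows 7 reports OS version 6.1.x.
"""
from collections import defaultdict
from datetime import datetime, timedelta
import ipaddress

# Constructed inventory: hostname -> OS version. Windows 7 SP1 is 6.1.7601.
INVENTORY = {
    "FILESRV01": "10.0.19041",
    "XRAY-WS03": "6.1.7601",
    "HR-PC07": "6.1.7601",
}

# Ranges treated as internal. Checked explicitly rather than with
# ipaddress.is_private, which also counts documentation ranges as private.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed sample export: (time, host, event_id, logon_type, account, source_ip).
SAMPLE_EVENTS = [
    ("2020-08-03T02:14:01", "XRAY-WS03", 4625, 10, "administrator", "203.0.113.77"),
    ("2020-08-03T02:14:03", "XRAY-WS03", 4625, 10, "admin",         "203.0.113.77"),
    ("2020-08-03T02:14:05", "XRAY-WS03", 4625, 10, "backup",        "203.0.113.77"),
    ("2020-08-03T02:14:08", "XRAY-WS03", 4625, 10, "radiology",     "203.0.113.77"),
    ("2020-08-03T02:14:11", "XRAY-WS03", 4625, 10, "radiology",     "203.0.113.77"),
    ("2020-08-03T02:15:30", "XRAY-WS03", 4624, 10, "radiology",     "203.0.113.77"),
    ("2020-08-03T08:02:10", "FILESRV01", 4625, 10, "jsmith",        "10.0.4.23"),
    ("2020-08-03T08:02:20", "FILESRV01", 4624, 10, "jsmith",        "10.0.4.23"),
    ("2020-08-03T09:30:00", "HR-PC07",   4624, 2,  "hr.user",       "-"),
    ("2020-08-03T12:00:00", "HR-PC07",   4624, 10, "hr.admin",      "10.0.4.50"),
    ("2020-08-03T13:45:00", "FILESRV01", 4625, 10, "svc_backup",    "198.51.100.9"),
]


def parse_events(rows):
    """Convert export rows to dicts with real datetimes, keeping only RDP (LogonType 10)."""
    events = []
    for time, host, event_id, logon_type, account, src_ip in rows:
        if logon_type != 10:
            continue
        events.append({"time": datetime.fromisoformat(time), "host": host,
                       "event_id": event_id, "account": account, "src_ip": src_ip})
    return sorted(events, key=lambda e: e["time"])


def is_windows7(version):
    return version.startswith("6.1.")


def eol_hosts(inventory):
    """Hosts still on Windows 7: candidates for upgrade, ESU enrollment or isolation."""
    return sorted(h for h, v in inventory.items() if is_windows7(v))


def is_internal(src_ip):
    """Console logons are exported with '-' as the address; treat those as internal."""
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return True
    return any(addr in net for net in INTERNAL_NETS)


def find_bruteforce(events, threshold=5, window=timedelta(minutes=10)):
    """(host, src_ip) pairs with at least `threshold` RDP failures inside one window."""
    failures = defaultdict(list)
    for e in events:
        if e["event_id"] == 4625:
            failures[(e["host"], e["src_ip"])].append(e["time"])
    hits = {}
    for key, times in failures.items():
        start = 0
        for end in range(len(times)):          # sliding window over time-ordered failures
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                hits[key] = max(hits.get(key, 0), end - start + 1)
    return hits


def find_success_after_failures(events, min_failures=3):
    """Successful RDP logons preceded by >= min_failures failures from the same source."""
    prior = defaultdict(int)
    hits = []
    for e in events:                            # parse_events() returns time order
        key = (e["host"], e["src_ip"])
        if e["event_id"] == 4625:
            prior[key] += 1
        elif e["event_id"] == 4624 and prior[key] >= min_failures:
            hits.append((e["host"], e["src_ip"], e["account"], prior[key]))
    return hits


def find_eol_rdp_from_outside(events, inventory):
    """Windows 7 hosts receiving RDP attempts (failed or not) from non-internal addresses."""
    exposed = defaultdict(set)
    for e in events:
        if is_windows7(inventory.get(e["host"], "")) and not is_internal(e["src_ip"]):
            exposed[e["host"]].add(e["src_ip"])
    return {h: sorted(ips) for h, ips in exposed.items()}


def audit(rows=SAMPLE_EVENTS, inventory=INVENTORY):
    events = parse_events(rows)
    return {"eol_hosts": eol_hosts(inventory),
            "bruteforce": find_bruteforce(events),
            "success_after_failures": find_success_after_failures(events),
            "eol_rdp_from_outside": find_eol_rdp_from_outside(events, inventory)}


if __name__ == "__main__":
    for section, result in audit().items():
        print(f"{section}: {result}")
```

Feed it rows from a `wevtutil` or SIEM export in place of SAMPLE_EVENTS. The window and thresholds are starting points to tune per environment, and a host that shows up in the last report (an end-of-life system reachable over RDP from outside) is precisely the device the notification says must be upgraded, enrolled in ESU, or isolated from the Internet.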