Greater Manchester Police force has revealed that more than one in five of its computers as of July were still running Windows XP.
According to the BBC, Greater Manchester Police revealed that 1,518 of its PCs ran the ageing operation system, representing 20.3% of all office computers used, despite Microsoft ending nearly all support for the operating system in 2014.
Dr Steven Murdoch, a cyber-security expert at University College London, said to the BBC: “Even if security vulnerabilities are identified in XP, Microsoft won’t distribute patches in the same way it does for later releases of Windows. So, if the [police’s] Windows XP computers are exposed to the public internet, then that would be a serious concern.
“If they are isolated, that would be less of a worry – but the problem is still that if something gets into a secure network, it might then spread. That is what happened in the NHS with the recent Wannacry outbreak.”
‘Infected files were digitally scrambled’
The police staff was told to switch off PCs to stop infection spreading, and infected files were digitally scrambled, making them inaccessible.
David Emm, principal security researcher at Kaspersky Lab, added: “It is now more than three years since Microsoft stopped supporting Windows XP. Yet just months after the WannaCry epidemic underlined the importance of ensuring that the latest patches are applied, we learn that England’s second biggest police force ‘appears to be running outdated Windows XP’.
“It’s alarming that some organisations continue to use Windows XP. The fact that Microsoft issued emergency updates for XP and other unsupported systems in response to the WannaCry outbreak shouldn’t lure organisations into a false sense of security: there’s no guarantee that this would happen for future attacks.”
“It is important to remember that cybercriminals target systems and applications that are widely-used. Even if companies are running the latest software, it is still crucial that they have preventive measures in place to protect themselves from ransomware attacks.”
Written by Leah Alger