Posted on

Windows XP danger lurking


JAMES BYNOE

Windows XP danger lurking

Social Share
Share

AS A BAJAN and international cyber/information security consultant I urge my fellow countrymen and women to take the global Windows XP cyber weakness seriously and upgrade to a supported platform immediately, whether at home, work, or play.

If you are using a Windows XP computer at home or work it is important for you to understand that you are using a computer that is literally a hacker’s/cyber criminal’s favourute target and they are looking for you.

Since about 2012, the Windows XP operating system has been considered an end of life operating system with tonnes of security weaknesses and vulnerabilities that will not be fixed, making it extremely easy to exploit for criminal, misuse, or malicious purposes. Beyond losing official support from Microsoft, the 13-year-old Windows XP operating system was developed in a time when the internet was in a much safer place.

As a result, and often being penny wise and pound foolish, many homes or businesses all across the Caribbean are still using XP systems which no longer received bug fixes, security patches, or other updates designed to protect the core operating system (OS). It’s also very important to note that even “fully patched” the OS at its core has been living on life support.

As a cyber warrior and safety evangelist actively engaged in the global fight against cyber crime, it is quite clear to many that the Caribbean has been targeted by hackers, cyber criminals and predators who has labelled the region “a easy target” primarily due to: low levels of national political and social cyber safety awareness, engagement; limited budgets at home and work.

In challenging economic times cyber criminals are aware that many are penny wise and pound foolish when it comes to investing in upgrades from Windows XP; lagging cyber laws. Current regional cyber laws are generally weak and not comprehensive enough to addresses the multi-faceted cyber threat; and technology leadership in both the public and private sectors is lacking. Too many square-pegged information technology leaders in round holes. I will just leave it at that.

These are all things that cannot be fixed overnight and all the more reason the upgrade from Windows XP is needed. So what specifically should technology leaders be doing as the custodians of our most private and personal data to improve their cyber postures? Below are a few simply actions that can be taken to lower cyber and information security risk from cyber criminals and hackers.

Technology Inventory: whether you have one or many computers on your business or organisation it is critical to know exactly what hardware and software your network consist of as “you can’t protect against what you don’t know”.

Apply all available systems updates and security patches. These often free updates and security patches plug the holes in systems weaknesses and vulnerabilities which hackers and cyber criminals seek to exploit.

Identify an external cyber security partner or consultant to help you. The talent exists in the region so getting this support from offshore is not necessary.

Establish an annual cyber security awareness programme to teach staff the does and don’ts of the Internet. Many of the largest network breaches in history where aided by insiders unintentionally due to lack of training.

Conduct a security scan of your systems at least annually and fix all critical and high security findings first. Don’t attempt to boil the ocean.

Whether required to or not, align your organisational technology compliance posture to the international cyber and information security best practices and standards.

Free is not always best, so install a recommended anti-virus/malware software application with the understanding that many free anti-virus applications are no good (again avoid bring penny wise and pound foolish).

Conduct an annual network penetration test (internet facing) and vulnerability scan (internal), and remediate in a phased approach based on criticality.

In closing, I must reiterate, if when you turn your computer on you see a Microsoft Windows XP logo you need to understand that you are using a computer that is a “hackers or cyber criminals” dream. For the cyber safety of your home, business and our great nation please, please upgrade from Windows XP. Do so immediately.

James Bynoe is co-founder of the Caribbean Cyber Security Centre and an international cyber security consultant and evangelist.

LAST NEWS