Windows 7 users are perhaps aware that official support for the operating system will end on January 14th, 2020.
This event would put anyone who still hasn’t switched to Windows 10 to a greater risk of ransomware and malware attacks, as there will be no more security patches. According to statistics, 26% of computers will still be running Windows 7 after the end date of its official support.
In fact, Microsoft ended mainstream support for Windows 7 back in 2015. Despite the company giving users enough time to prepare, there are still many who are not ready and would be exposed to a number of threats. Businesses still running Windows 7 are especially at risk, being exposed to the great danger of ransomware.
As explained by Ian Wood, Senior Director of Veritas, “WannaCry was a clear example of the dangers that businesses can face when they are using software that has reached end of life. In January 2020, a quarter of all PCs are going to fall into this category so it’s vital that the organizations that rely on Windows 7 are aware of the risks and what they need to mitigate them.”
SMBs Should Prepare Properly for Windows 7’s End of Support
There are several things that businesses should do to minimize the risks of running software which is no longer supported or patched.
The very first thing to do is to upgrade whatever software the company is running. For small and medium-sized businesses, the best option would be to upgrade to an operating system that is supported.
Businesses should also make sure they are up-to-date with patches while they can. It is noteworthy that Microsoft is offering the opportunity to buy ESUs (extended security updates) to access patches while they are migrating to newer software.
Finally, businesses should be prepared against ransomware with sufficient backup solutions. According to veritas researchers, businesses should have three copies of their valuable data. Two of these copies should be on separate storage devices, and one should be air-gapped in an offsite location. Air-gapped data backups ensures the security of the data and is a reliable method of successfully restoring data.
Last year, RiskSense researchers analyzed the types of vulnerabilities that are used across multiple ransomware families to target enterprise and government organizations. Nearly 65% ransomware attacks targeted high-value assets such as servers. 35% of the vulnerabilities were old, from 2015 or earlier, with the WannaCry flaws still deployed today.