By George Hefter

On Jan. 14, 2020, three widely-used Windows Operating Systems reach the end of their useful lives and will no longer receive updates and security patches from Microsoft: Windows 7, Server 2008 and Small Business Server 2011 (which is based on Server 2008). This so-called “end-of-support” doesn’t mean that systems using this software will stop working after that date, but it does mean that Microsoft will no longer attempt to solve problems or patch security vulnerabilities. While it might be tempting to keep using these systems after the cutoff date, that decision could be both dangerous and very costly.

What’s the risk?

Without updates and

security patches, your systems will become more vulnerable to ransomware,

viruses and hackers who may have malicious intent. And they will have plenty of

time to figure out how to find their way into these systems because Microsoft

will no longer be guarding the door and fixing new vulnerabilities as they are

discovered.

Home users risk

losing personal data like photos, important home or business documents, and

graduation or marriage videos. Depending on computer usage habits, home

computers might even give hackers a direct pathway into bank or investment

accounts.

Business users’ risks

are far greater. Beyond the loss of all the data on your server or

workstations, and the inconvenience—not to mention the cost—of system downtime

and loss of productivity, business owners also risk higher insurance rates and,

like some financial service companies, an overall lowering of reliability or

investment grade rating. That last consequence affected Equifax after its

cybersecurity breach resulted in a lowering of its Moody’s Outlook rating on

top of the almost $700 million fine of the breach itself.

And maybe you’ve

heard about some of the breaches affecting local governments, such as in

Atlanta or Baltimore, where a second ransomware attack in a year demonstrated

how even municipal governments struggle to keep computer networks safe. This is

especially true after the National Security Agency  revealed it had lost control of one of its

very effective hacker tools called EternalBlue, which has since been implicated

in hundreds of cybersecurity attacks in the USA and around the world.

Before jumping to the

conclusion that only large businesses are targets, please keep in mind that

these attacks are broad-based and typically not focused on a specific target.

When a broad, “try every door” attack finds a vulnerability in an interesting

system, then the hacker will drill down and try to see the size of the target

and what the potential for ransom might be. But for every large system that is

infected, there may be hundreds of smaller systems found that carry the potential

that something on that system might be worth a few hundred to a few thousand

dollars, and so those systems get targeted too. And when those are business

systems, the risk is even greater.

If your business

system is affected, it’s not only your data that may be affected, but your

customers’ information is at risk too. If you have customer data of any type on

your computers or servers, you may find yourself shelling out thousands of

dollars in identity theft protection for those customers, not to mention fines

or loss of business because of your cybersecurity lapses.

Attacks on Windows 7

and even Windows XP have escalated in recent months via a variant of last

year’s WannaCry virus. Are you sure you want to risk using an outdated, no

longer supported operating system?

George Hefter is president of TCT Computer Solutions in Kennewick.