Microsoft's end of support for Windows 7 means those systems will remain unpatched, creating an opportunity for future ransomware attacks to wreak havoc.
It’s time for a brief history lesson: Remember WannaCry? It was so successful because of unpatched systems. And this week marked the end of support for all Windows 7 devices. Estimated to represent as much as one-quarter of all PCs worldwide, this legacy operating system will be forever vulnerable to any attacks based on newly discovered vulnerabilities.
With attackers now integrating lateral movement and vulnerability-based access to devices into ransomware attacks, it’s only a matter of time before an organization relying heavily on Windows 7 finds itself on the losing end of a massive ransomware attack that leaves it crippled.
There are three things you should be doing to protect against this issue:
- Update your OS – while potentially costly, organizations need to update to a supported OS that includes security patches.
- Ensure Continual Updates – whether using the built-in automatic updates or a third-party patching solution, be certain all your endpoints are always up to date on their patches.
- Educate Your Employees – recent data shows spear phishing is still the #1 attack vector, indicating that users need to become a part of your security strategy, acting as the last line of defense. Educating them with Security Awareness Training empowers them to understand what an attack looks and acts like, and how to avoid being a part of the problem by interacting with malicious or suspicious content.