Expert On Court systems still at risk of hacks

It was reported today that, according to a freedom of information response, more than £14m has been spent on upgrading Wi-Fi and video equipment across the criminal court estate since 2016 under the HM Courts & Tribunals Service reform program.

Yet despite this investment, Windows XP, Microsoft’s obsolete operating system, which is not being updated with security patches, is still in use in the criminal court estate.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Michael Barragry
Michael Barragry , Operations Lead and Security Consultant
InfoSec Expert
October 6, 2020 2:28 pm

Using an unsupported operating system is the equivalent of sitting on a ticking time-bomb. Lack of support means that by default, security patches will not be provided for new vulnerabilities.

WannaCry was a notable exception, where due to the severity and impact of the vulnerability, Microsoft actually did provide a patch for Windows XP even though it was no longer supported – but this should be seen as a once-off action by Microsoft rather than something that can be relied upon going forward.

As if using an unsupported OS wasn’t bad enough, there was a recent leak of the Windows XP source code only a few weeks ago. This will provide threat actors additional valuable intel for crafting new vulnerabilities and exploits – instead of having to try and figure out how to break into the bank, they now have the advantage of being able to view the architectural and electrical plans in advance.

Needless to say, the recommendation is to migrate systems onto a supported OS as a matter of urgency.

Last edited 1 year ago by Michael Barragry
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x