Companies running Windows 7 at critical risk of getting hacked.
The FBI says companies running Windows 7 systems are now in greater risk of getting hacked due to a lack of security updates.
On Monday, The Federal Bureau of Investigation sent a private industry notification (PIN) to partners in the US private sector about the dangers of continuing to use Windows 7 after the operating system (OS) reached its official end-of-life (EOL) earlier this year.
“On 14 January 2020, Microsoft ended support or the Windows 7 operating system, which includes security updates and technical support.” “Continued use of Windows 7 creates the risk of cyber criminal exploitation of a computer system.”
While it still may pose a challenge for some companies, the FBI is now urging companies with these devices to upgrading to newer versions of the Windows operating system.
“However, these challenges do not outweigh the loss of intellectual property and threats to an organization,” the FBI said — suggesting that companies should keep an eye on the bigger picture down the road and how future losses from possible hacks might easily outweigh today’s upgrade costs.
The agency specifically cited the previous Windows XP migration debacle as the perfect example of why companies should migrate systems as soon as possible, rather than delay.
“Increased compromises have been observed in the healthcare industry when an operating system has achieved end of life status. After the Windows XP end of life on 28 April 2014, the healthcare industry saw a large increase of exposed records the following year,” the FBI said.
Windows 7 vulnerabilities already being Weaponized
The FBI also cited several powerful Windows 7 vulnerabilities that have been frequently weaponized recently, such as the EternalBlue exploit (used in the original WannaCry and by multiple subsequent crypto-mining operations, financial crime gangs, and ransomware gangs) and the BlueKeep exploit (which allows attackers to break into Windows 7 devices that have their RDP endpoint enabled).