If you’ve been putting off a migration to the Windows 10 operating system, you got a wakeup call on May 12. That’s the day hackers exploited known vulnerabilities in older versions of Windows to launch the largest cyber extortion attack ever.
The WannaCry ransomware attack was astonishing in both scale and speed, striking hundreds of thousands of computers in more than 200 countries within a span of 48 hours. It is believed to be the largest cyber extortion scheme in history.
According to Kaspersky Lab, roughly 98 percent of the computers affected were running some version of Windows 7. Machines running Windows 10 apparently were not affected. Furthermore, the attack exploited a vulnerability for which a patch had been issued months earlier.
People have always put off operating system updates until absolutely necessary, both in an effort to conserve costs and due to natural resistance to change. Ultimately, there always comes a point when it simply becomes too risky to cling to the old version.
The WannaCry attack makes it clear we’ve reached that point with Windows 7.
Mainstream support for Windows 7 ended in January 2015, and the end-of-sale date for both 7 and the little-used Windows 8.1 is on Oct. 31. While Microsoft says that security patches will be provided for Windows 7 until January 2020, it also warns customers that patches won’t keep the OS secure.
Holding on to Windows 7 likely will drive up operating costs due to the need to remediate malware attacks that wouldn't penetrate Windows 10 systems. Forrester analysts says new and improved security features in Windows 10 will mitigate many threats and reduce remediation costs by 33 percent.
Although users have always loved Windows 7’s stability and intuitive design, it is now nearly eight years old. It wasn't built with modern security safeguards.
Advanced security features are among the most compelling benefits of Windows 10. Enterprise-grade features such as identity and information protection are built right into the core of Windows 10. Windows 10 also improves data loss prevention by using containers and data separation at the application and file level.
Other significant security features in Windows 10 include:
Virtualization-Based Security. VBS creates an isolated subsystem for storing, securing, transferring and operating other sensitive subsystems and data. It makes it very difficult for attackers to tamper with core components of the operating system.
Windows Defender Antivirus. This built-in solution uses the cloud, machine learning and other techniques to rapidly respond to threats. Because emerging “polymorphic” strains of malware change their appearance to evade signature-based scans, Windows Defender also uses behavioral analysis to catch things that haven't been seen before.
Windows Hello. This is biometric-authentication technology designed to help eliminate traditional password vulnerabilities. It supports facial, iris and fingerprint authentication in conjunction with a personal identification number.
Device Guard. This combination of hardware and software features can be configured to lock down a device so that it can only run trusted applications that you define.
Protected Processes. This feature prevents untrusted processes from interacting or tampering with trusted processes. It makes computers less susceptible to tampering by malware that does manage to get on the system.
It’s no real surprise Windows 7 remains the most popular desktop OS with nearly twice the market share of Windows 10. It’s familiar, it’s reliable and it works. Nevertheless, the WannaCry outbreak illustrates the security risks organizations take if they fail to upgrade.
A migration to Windows 10 won’t be without challenges. You have to make sure your hardware meets minimum upgrade requirements and your applications don’t suffer from incompatibility issues. If you don’t have the time, expertise or manpower for such a project, give Verteks a call. We can simplify the process and help speed your transition to the operating system that offers the greatest protection for your critical technology assets.
