Half a million NZ PCs may face security risks within a year

Media release

Monday 8 April, 2013

Half a million NZ PCs may face security risks within a year

Today marks the 12-month countdown until Microsoft Windows XP is officially retired worldwide. Support for the 11 year old operating system ends on April 8, 2014, leaving businesses still using XP open to potential vulnerabilities and security risks.

Windows XP still makes up almost 14% of operating systems on computers in New Zealand which is approximately half a million PCs[i].

Managing Director of Microsoft New Zealand, Paul Muckleston, said that while Windows XP was one of the most popular operating systems in Microsoft’s history, it was not designed to handle today’s computing environment, or cope with advanced cyber-attacks and the challenges of maintaining data privacy, unlike newer operating systems such as Windows 7 and 8.

“By far, the security risk is the most concerning for customers as there are more sophisticated forms of attack which can impact safety of personal information and cause business disruption and extra costs.

"Technology moves rapidly, and if we compare this to using an 11 year old mobile phone or camera then it puts it into stark context – these are considered relics. However, the risks and consequences of using an unsupported operating system are significantly greater than these two examples.

“XP is three generations behind Microsoft’s most modern operating system so continuing to use PCs with XP is similar to driving a car without a seat belt or a motorbike without a helmet. The risks are real and the only way businesses and consumers can protect themselves is to upgrade.”

The end-of-support means Microsoft will no longer provide automatic fixes, updates, or online technical assistance for Windows XP. In addition to this, users will no longer receive security updates that help protect PCs from harmful viruses, spyware, and other malicious software that can steal personal information.

Many New Zealand businesses including PlaceMakers have already migrated away from Windows XP to ensure business continuity and reduce security risks. PlaceMakers recently migrated 1,200 desktops from Windows XP to Windows 7 and achieved the upgrade within six weeks.

IT manager at PlaceMakers, Chris Marra, says the migration away from XP onto Windows 7 caused little disruption and the business is already seeing the benefits of running a new operating system.

“For most employees the migration was overnight - they left the office on XP and came back to Windows 7.

“Moving to Windows 7 was a no-brainer for us - we can deliver consistent IT standards and tools across the company without compromising our desire for greater efficiency. The built-in modern security gives us comfort we are not left unprotected and productivity-wise, it allows our staff to benefit from all the new features of Windows including secure mobile access from laptops and tablets. I have great peace of mind with this decision.”

A white paper developed by International Data Corporation (IDC) highlighted the need for businesses and consumers to upgrade from Windows XP. It was reported that Windows XP is no longer fit to meet increasing technological requirements of PCs today such as integrated WiFi and Bluetooth, faster USB ports, and high-resolution monitors and touchscreen capabilities.

CEO of NZICT, Candace Kinser, has also highlighted the importance of businesses understanding the implications of not migrating from Windows XP.

“Microsoft has made significant progress in improving security over the last 10 years through the Trustworthy Computing initiative. Businesses should consider the vulnerability of their data, and the risks associated with continuing to run an out of date, and soon to be unsupported operating system.”

Findings from Microsoft’s Security Intelligence Report, Volume 13, released in June 2012, reported that Windows XP with Service Pack 3 is three times more vulnerable than Windows 7 Service Pack 1. In addition to the severe security issues, continued use of XP poses additional threats including compliance issues such as encryption, hashing, and signing, while more than 60%[ii] of independent software vendors and modern browsers no longer support XP.

To support the migration away from XP, Microsoft has announced the Windows Upgrade Centre website where businesses can get more information about this issue, learn from analysts and other customers in the region.

###

Notes:

Over the last decade, security threats have escalated in a number of ways:

MALWARE: Increased from 1000 in 1991 to millions in 2012 and has become an online crime story. Computer threats include viruses, worms, trojans, exploits, backdoors, password stealers, spyware, and other variations of potentially unwanted software.

FAKE VIRUS ALERTS: Rogue security software is the latest in major infections, where a virus will download itself on to a computer automatically and show up as a legitimate virus alert. It will then create pop-up windows on a user’s screen that show alerts that your system has been infected with the need to run a scan immediately. When the user clicks on the scan button, the virus will infect the rest of the computer. Rogue security software might also attempt to spoof the Microsoft security update process.

HACKTIVISM: According to IDC, denial of service (DoS) and distributed denial of service (DDoS) attacks are re-emerging as a threat to businesses and organisations of late. In 2012, there was a sharp increase in the frequency, bandwidth volume, and applications orientation of these attacks, and organisations were often caught unaware. Such attacks, loosely referred to as ‘hacktivism’ increased nearly 70% in the first six months of 2012 vs. the same period in 2011, according to statistics released by Prolexic, a Hollywood, Fla.-based website defense firm.

ends