I know I’ve brought this up several times at this point, but those of you with lingering Windows 7 machines within your network are growing targets of cybercrime.
After news broke a couple of weeks ago about devastating attacks specifically targeting vulnerabilities within the Windows 7 operating system, I want you to rethink your strategic approach to replacing your Windows 7 machines, especially those of you who are setting the issue aside for a later date.
What this new attack is doing is targeting a vulnerability that Microsoft has already released a patch for.
The issue?
Many organizations are FAILING to patch Windows 7 machines, thinking they are no longer worth the effort. This is putting your entire network in jeopardy of a serious data breach or, even worse, a major ransomware attack. This vulnerability, named BlueKeep, is enabling cyber criminals to easily deliver malicious code onto those Windows 7 machines and subsequently spread viruses throughout your network.
Microsoft has warned that this exploit—and others like it—will be used more and more in the coming months, leading to “impactful and damaging” consequences to those that are not keeping up with their security.
While at this time there has been little evidence of the BlueKeep exploit actually distributing a ransomware virus or other virulent malware onto a network, Microsoft and the FBI have stated that it is only a matter of time before this happens.
You see, there are almost a million enterprise and business networks that still have Windows 7 environments left unpatched against BlueKeep and other exploits, and criminals are sharpening their weapons to attack them. At this point only time will tell how many of them will become victims of major cybercrime.
I do not want you to become the next victim.
I would not wish the predicted assaults described by Microsoft and other cybersecurity experts on anyone. The vulnerability, tracked as CVE-2019-0708, allows an attacker direct access to your Windows 7 machine, at which point the criminal could install malicious software that crawls, inspects and infects the entirety of your network.
Could you imagine being down for days or weeks with a ransomware infection that you could have completely prevented with a patch?
Ransomware infections today are no small matter. Even when you end up paying the ransom (sometimes this seems at the time like the best easy-button solution), it can take weeks of remediation to completely restore systems. The decryption tools are not perfect and often leave some critical files on your network locked down after you've followed all of the criminal's instructions on decrypting your machine.
On top of that, several attackers are then targeting your organization a second or third time with additional ransomware viruses since they have evidence that (1) your data is valuable and (2) you are willing and capable of paying.
Could you imagine having to experience a ransomware attack twice in a year? Nearly 70% of businesses fail after their first ransomware attack. Can you beat the odds of a second?
Microsoft is saying that your systems will be susceptible to the BlueKeep attack as long as they remain unpatched, or if the patch was not applied correctly. Microsoft is encouraging you to update your systems immediately.
My questions to you: how do you know if your machines are all patched? Who is watching out to make sure that these older machines—that might be replaced in a couple of months—are still getting enough love to protect your network from a major attack or breach?