XP users beware: hackers are targeting you


As of April 8, Microsoft stopped supporting XP. That has meant no more free security updates — though you can still get them if you are willing to pay a premium. For a number of companies with thousands of XP desktops, the change has been costly. Just ask the IRS, which is going to be paying Microsoft millions each year to support its extensive XP user base.

Stu Sjouwerman, author of the book “Cyberheist,” says no massive attacks on XP systems have been spotted yet.

But it gets worse: Hackers had time to prepare for the April 8 deadline with a host of vulnerabilities that they can now exploit. The expected volume of attacks has yet to occur but some may be yet to come. Cybersecurity experts say that organizations should remain vigilant. “It’s actually been more quiet than expected, and no massive attacks have been spotted as of yet,” says Stu Sjouwerman, author of the book “Cyberheist,” and founder and CEO of security software and training firm KnowBe4. “It looks like they are doing their testing now and laying the ground work for more extensive campaigns a little later,” he adds. There are a couple of key attacks that users need to beware of. One is phishing emails, which are still surprisingly effective. The user gets an official looking message from someone claiming to represent Windows Helpdesk, Microsoft Tech Support, Windows Support Group or other Microsoft support teams. They offer an urgent update that requires the user to permit remote access to the scammer. The alternate route is via cold calls from “Microsoft Support.” They scare the user about there being no more security patches for XP, and mention that new security holes have been discovered and that users need to manually apply a patch. Those who fall for this con have handed over control of their PC workstation to cybercriminals who either use that base camp to hack into the entire network — or just hold user files hostage until a ransom is paid. Sjouwerman advises users to ignore such calls and emails completely. Microsoft never provides support in this fashion. Some experts believe that a large volume of desktops will be vulnerable in coming months, and not just because many organizations were slow to adopt a new operating system. XP remains popular. “There are still more XP systems in use today than there are Macs,” says Rob Cheng, CEO of PC PitStop. Consider one East Coast publishing firm that hadn’t received any XP branded phishing attacks but received a number of bogus shipping emails that asked the recipients to click on a link to track an item. The organization’s accounting and circulation systems only run on XP. A number of financial services organizations face the same issue.
How can companies protect themselves?
Cybersecurity professionals advise users to at least download the most current XP update, and for those also running Microsoft Office, to keep it patched, too. Turn on the Windows Firewall, and turn on Microsoft Security Essentials. Install Secunia (free), which helps you keep the apps remaining in use on XP systems fully updated. Tony Gauda, founder and CEO of ThinAir, a data security and storage company based in Palo Alto, Calif., raised concerns about XP users remaining on Internet Explorer. He explained that most attacks require network access of some kind to exploit a vulnerability. “Upgrade to security focused Web browsers like Google Chrome and disable plug-ins and add-ons that are targeted often (like Java and Flash),” says Gauda. Application-control white listing is another good idea. It locks down an XP box, only allowing known-good executables to run. “XP users should take advantage of a white list rather than a black list as it gives a better layer of protection,” says Cheng. Sjouwerman recommends isolating XP devices on separate networks with their own hardware firewalls. That prevents them from compromising new machines. “Additionally, give XP users security awareness training so they don’t fall for phishing and other attack vectors,” he says.
Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

By Drew Robb – Tech Page One 05 May 2014


Comments are closed.