Saturday 23 September 2017

Adrian Weckler: Cyber attack is big wake-up call

At least 30,000 Irish homes and businesses still use computer systems open to virus and cyber attacks Stock image
At least 30,000 Irish homes and businesses still use computer systems open to virus and cyber attacks Stock image
Adrian Weckler

Adrian Weckler

Scared after last week's major cyber attack? It seems that tens of thousands of us in Ireland don't think it could ever happen to us. The latest figures show that at least 30,000 Irish homes and businesses still use computer systems that are hopelessly, recklessly open to virus and cyber attacks.

This is the number of households and companies still using computers with Windows XP or Windows Vista.

For those uninitiated in computer jargon, these obsolete versions of Microsoft Windows are typically found on PCs that are over eight years old. This includes more than a few machines in small Irish firms or homes.

The problem is that they are an open door to most new ransomware and scam viruses. Anti-security software doesn't really work on them. So if an outbreak like last week's global cyber attack gets to within sniffing distance of the computer, it's toast. And so are all that computer's files, photos and documents.

Microsoft has been warning of this for almost five years. It stopped providing security patches ­- with one exception - for Windows XP machines three years ago. It did likewise for Windows Vista in April.

That means that people using computers with these versions of Windows are sitting ducks with no recourse when (and not 'if') a basic common virus takes their system down.

Microsoft made one exception to its abandonment of Windows XP and Vista. It recently issued a one-time security patch to help XP and Vista users at risk from last month's global WannaCry ransomware outbreak. It has said that it won't do so again.

The good news for those still running XP systems is that this Microsoft security patch should also help to defend against the global ransomware attack experienced last week. So if you run a Windows XP PC and haven't done that yet, just search for 'Windows XP patch' in Google or within microsoft.com.

However, I suspect that almost no-one with an XP computer will do this. That's because the type of small firm or household that runs an XP computer is almost certainly the type that isn't into PC maintenance.

To be fair, there is one category of Windows XP user that doesn't quite have the latitude to simply upgrade overnight.

More than a few Irish businesses and public sector bodies use specialist machinery designed specifically to run off Windows XP computers.

This includes everything from hospital scanners to ticketing machines and CCTV cameras. Changing the XP command PC would mean a potentially messy, expensive upgrade of all the specialist equipment running off it.

This is exactly the issue that organisations such as the HSE faces. Like many huge entities, it is still caught using 1,500 systems that have Windows XP because the specialist equipment such systems drive are single-purpose machines that can cost millions.

This came to a head last month with the WannaCry ransomware outbreak that shut down several UK hospital systems. The HSE was forced to take special action so that its systems here did not suffer material damage from WannaCry, including the isolation of any XP-connected devices from possible online infection.

But these are exceptional cases. For other types of users at home and in business, it's much less arduous simply to update the PC.

By and large, there isn't much excuse not to. Computers really aren't that expensive these days. For anyone who finds that their ancient Windows XP or Windows Vista PC performs adequately, a replacement will cost well under €500.

For that, you will get a machine that is about one hundred times safer than the outgoing PC.

One reason cited for not changing computers is the hassle factor in moving files, documents and settings.

But this is much more easily done now than in the past.

If you just want one program to do it all, there are a few services you can download to do the heavy lifting.

They will make sure that all your old files (and many of your programs or applications) are copied from one PC to another. They'll even keep the same user profile and locations so everything seems familiar. Laplink's PCMover (laplink.com/pcmover) is one such option, starting at €23.95. However, like other such programs, this is done through a web link, so you'll need a reasonably good broadband connection.

If you don't want to spend money but just want to save some files, simply use one of the many free online storage services such as Dropbox or Onedrive. (Google Photos and Flickr give you almost unlimited free space for photos and videos, if that's the sticking point.)

For all the cynics out there, phasing out support for systems such as XP and Vista is not some sort of marketing trick by Microsoft. These are genuinely old, obsolete interfaces that were introduced well before the era of ubiquitous internet usage. They can't cope.

You're far better off with Windows 10 or even Windows 7 (although that system now has a limited remaining life span too as it's getting old).

Statistically, you're also better off using an Apple Mac computer. Even though Macs still represent only around 7pc of all computers in Ireland, they are much less likely than Windows PC machines to be affected by viruses, malware and other cyber attacks. The only barriers to Macs is that unfortunately they are still more expensive than PCs and existing IT support departments are still set up to favour Windows ecosystems.

However, there is no subtle irony in the Petya ransomware outbreak occurring in the same week as Apple celebrated the iPhone's 10th anniversary.

"[The] iPhone is 10 years old today," said Mikko Hypponen, an international IT security expert who works for F-Secure. "After 10 years, not a single serious malware case. It's not just luck; we need to congratulate Apple on this."

Dublin Information Sec 2017, Ireland’s cyber security conference, addresses the critically important issues that threaten businesses in the information age. Tickets for the event at the RDS in Dublin can be booked here. 

Sunday Indo Business

Also in Business