Hackers have "a stockpile of ammo" to hit Windows XP users with after Microsoft support for the aged operating system expires today, it was claimed at a Dell security roundtable.
The 13-year-old OS reached its end-of-life today, April 8, meaning that no more patches or updates will be released to solve any future issues, and experts have previously warned that hackers are ready to exploit users who have not migrated to another operating system once support runs out.
XP accounted for 27% of all web traffic as of March, according to research firm Net Applications, and security practice lead at Colt, Will Markham, used a Dell roundtable last week to issue a wake-up call for firms still running the OS.
"You’re guaranteed you’re going to be targeted," Markham said. "If I’m a paid criminal … I will save up the ammo and then bang, when the doors are down I’ll hit it."
He added: "What you’re doing is you’re actually inheriting your risk. I’m, driving down the road and I’ve unstrapped my seatbelt and I carry on driving. I may have a crash but I might be alright."
Dell’s EMEA VP, Kevin Norlin, warned that "malicious" hackers will exploit desktops and laptops that are now unprotected, claiming a "fear of the unknown" has stopped many companies from rolling out migration.
But Ian Yoxall, director at migration specialist Intragen, claimed it was these firms scared of changing their infrastructure that were the most at risk.
"Some companies are essentially so paranoid by making steps going forward, changing their infrastructure and investing in their infrastructure, they’re always going to be more susceptible to this type of issue," he said.
The government recently struck a £5.5m deal with Microsoft to purchase custom support for public sector PCs including one million NHS computers and 34,000 desktops belonging to the Metropolitan police.
But custom support is is only available for public sector organisations , and comes as an expensive option, with prices widely reported to start at $200 per PC, doubling each year.
Gartner today issued a report stating that ignoring security threats is not a viable option for businesses still on XP.
VP Neil MacDonald said: "While doing nothing is an option, we do not believe that most organisations (or their auditors) will find this level of risk acceptable."
The analyst firm outlined a 10-step guide to reducing XP risks to a manageable level, such as reducing network connectivity.
CBR explores some options for migration here.