End of support for Windows 7 could be cyber risk

Malcolm Latarche

Malcolm Latarche · 14 January 2020

ShipInsight


An important event that has big implications for cyber security probably will pass unnoticed today (Tuesday 14 January 220). This is the day the Microsoft will cease to offer support for the Windows 7 operating system.

Windows is the most popular operating system for computers and until Windows 10 was introduced in July 2015, the majority of new computers sold would use Windows 7. A large number of users switched to Windows 10 when it was introduced, not least because it was offered as a free upgrade by Microsoft in a departure from its former policy.

However, Windows 10 was not universally liked when it was first offered and some of those who switched to it from other systems switched back again and many users continued with their old Windows 7 system instead.

Even after Windows 10 was introduced it was possible to buy new computers with Windows 7 as the operating system. As a consequence, around 25% of all computers running on Windows does so with windows 7.

That is a significant number of computers and although many businesses will by now be running on Windows 10, there must be many older computers still in use and some of those will be in shipping company offices, on ships and also private computers used by shore-based personnel and seafarers alike.

When Microsoft ends it support for the system there will be no more automatic upgrades incorporating the latest fixes and patches for known vulnerabilities. Businesses can pay Microsoft if they want to continue getting updates for Windows 7 Professional or Windows 7 Enterprise. The Windows 7 Extended Security Updates will be available until 2023. Charges range from $25 per device to $200 per device and increase annually.

The number of what will effectively become unprotected computers may be seen as a bonus by cyber criminals and hackers. If they find a new vulnerability to exploit, there will be no protection for the user unless provided by one or other of the commercial virus and malware protection suites or by philanthropic user groups.

To avoid any major risk, cyber security experts are advising that users of old Windows 7 machines should be urgently considering a switch to a supported system so as to minimise the risk of cyber attack. For many users the ability to switch operating systems may be limited by the machine’s capabilities. In order to run Windows 10, PCs must have a 1GHz processor, 16GB of hard drive space, and 1GB of RAM memory.

In the UK, authorities have warned Windows 7 users not to do internet banking or send emails after Tuesday. The warning was issued by the National Cyber Security Centre, which is part of Britain's intelligence agency GCHQ. "We would urge those using the software after the deadline to replace unsupported devices as soon as possible, to move sensitive data to a supported device and not to use them for tasks like accessing bank and other sensitive accounts," an NCSC spokesperson has advised. It has also said that users should also consider accessing email from a different device.

Businesses can pay Microsoft if they want to continue getting updates for Windows 7 Professional or Windows 7 Enterprise. The Windows 7 Extended Security Updates will be available until 2023 for businesses of all sizes. Charges range from $25 (£19) per device to $200 per device and increase each year.

On ships many of the loading computers and other systems may well be using Window 7 and so long as they are used as stand-alone systems and not connected to the internet, they should be considered reasonably safe although media used to add data will introduce a potential risk. Upgrading these to Windows 10 may not be an option as some software programs cannot run on the latest operating systems.

The Journal

Published every February the journal is now recognised as the highest quality publication that covers all aspects of maritime technology and regulation and a must read for the industry.

More Details