
Hackers hoarding Windows XP exploits for cut-off bonanza

10 Mar 2014

With just under a month until support for Windows XP ends, the security community has warned that hackers are hoarding exploits to let loose on unsuspecting firms once it does.

After 8 April Microsoft will not release any more updates for the platform. This means that any holes in the platform that hackers exploit will not be patched, presenting them with a potential gold mine.

Trouble ahead
Mark Brown, director of information security at EY, told V3 that he believes the end of support for XP will open the floodgates for hackers to release all manner of attacks.

“There could be a nightmare scenario where it becomes the Wild West, or it could be another Y2K situation where nothing actually happens,” he said.

“However, given how prevalent cyber issues have become, I would be surprised if there is not a stock of zero-day exploits waiting to be released in April.”

Trend Micro security director Rik Ferguson is of the same opinion. “There will be vulnerabilities that will be exploited – that is a given,” he told V3. “It would be short-sighted to claim all the vulnerabilities have been found, because there will still be exploits.”

Finnish security firm F-Secure was similarly candid in its assessment of the situation. "When (not if) a powerful zero-day exploit makes its way to market – that's when the real concerns begin and important questions will be asked," it said in a recent security report.

Jason Steer, director of technology strategy at FireEye, added: "Opportunist attackers won’t want to miss the chance to attack a platform that no longer patches against new zero-day attacks."

Software Russian roulette
Firms still on XP, then, appear to be involved in a game of software Russian roulette where one of them will be hit, serving as a warning to the market.

“The first major exploit that hits the headlines is really going to drive the point home and convince those at the board level or in the executive team it is worth putting time and money into upgrading systems to avoid suffering the same fate,” said Ferguson.

However, Ferguson said the cut-off day itself may not bring a deluge of exploits: given the time it takes to migrate from XP, hackers will have a little while to pick their targets.

“For an enterprise to go through a complete desktop migration is a big deal and takes a long time, so there will be a reasonable period of time when hackers can make their move.”

This is scant consolation, though, and the situation appears bleak: those who have not migrated are very much on their own, with no-one V3 spoke to believing Microsoft will feel any obligation to patch any major issues that come to light.

Defensive measures
As such the onus is very much on businesses to take action to defend themselves, as noted by Steve Durbin, global vice president of the Information Security Forum.

“Organisations would be well advised to take stock now of their exposure, if they haven’t already done so, and assess the risk that this might bring to their business,” he said. “They can then understand the scope of the problem and plan to mitigate against the potential risk that this might bring.”

F-Secure also provided some tips: "Air gapping systems or isolation to separate networks from critical intellectual property is recommended. Businesses should already be making moves such as this for bring your own device (BYOD) users. XP is just another resource to manage."

The obvious solution would of course be to move away from XP altogether, but this is not an easy task, as Steer explained.

"The problem is that this is an unrealistic timeframe because it will take a lot of time and money to do this. What they [businesses] need to do is build a mitigation strategy that increases monitoring and detection technologies to address the gap that will be created."

Whatever does happen after 8 April is impossible to predict, but what is clear from all those that V3 spoke to is that XP vulnerabilities exist, will be found and will be used, and one firm is going to be the first to bear the brunt of an attack.

The silver lining is that this could serve as an impetus for firms across the world to realise the end of XP support is serious. The question is, who is going to be that first victim?

Dan Worth

Dan Worth is the news editor for V3, having first joined the site as a reporter in November 2009. He specialises in a raft of areas including fixed and mobile telecoms, data protection, social media and government IT. Before joining V3 Dan covered communications technology, data handling and resilience in the emergency services sector on the BAPCO Journal.
