The IT world is preparing for one of its highest profile deaths on April 8th, 2014. Microsoft will be discontinuing security updates and technical support for Windows XP and its variants. Microsoft will not mourn, as their call to action is to migrate off of one of its most popular consumer operating systems in history.
Any Walking Dead fans out there? In the opening episode, a wounded Georgian sheriff wakes from a coma only to find that his world had forever changed into a zombie infested wasteland. The living are left defenseless against the walking dead.
What does this mean to you? Preparing for the zombie infestation
In a published survey in February 2014, Windows XP and its variants are still the second most popular operating system in the world according to NetMarketShare. Windows XP represents a staggering 25-30% operating system usage share, so we can safely assume that the majority of them will still be in use after April 8th, 2014.
The discontinuance of security updates of Windows XP will have direct and indirect consequences to the “connected” world. New vulnerabilities and weaknesses in Windows XP will no longer be patched and will become easier targets for hackers and malicious users over time. The multitude of unpatched operating systems will likely add to the continuum of compromised machines on the Internet. In addition, impacted businesses and financial firms will have indirect impacts on the consumer. It only takes one zombie to start an outbreak.
As we have all learned, to take down a zombie, you must go for the head. In this case, “going for the head” is upgrading to one of the supported platforms by Microsoft. Many will take this approach, but what of those that will not be able to by April 8th? We need to shift our focus from prevention of the infestation to containment of it.
- Start from a solid base. Make sure that your XP systems are all up to date with current OS, application and security software patches and versions. Don’t get infected with a known vulnerability from several years ago.
- What can you do better? Assess your current security controls. Can you make enhancements to technology and processes that are in place? For example, can you better utilize your log management? Enhance security event monitoring and alerting? Isolate your XP machines via network segmentation?
- Consider extending support. Governments and large companies are negotiating with Microsoft to extend support for Windows XP. Microsoft is providing extended support for approximately $200 per OS. This can provide some assurance of treatment if there is an infection.
- Consider 3rd party patches and security updates. There will be several companies providing patches and security updates for Windows XP. While this is certainly a path some will go down, you must walk the path with both eyes open. Can you trust the 3rd party fixes? How will they be supported? It is entirely possible that the 3rd party updates may be hiding a zombie or two of their own in the shadows.
- Consider additional protection. While the options for enhancing the Windows XP hosts are limited, since 3rd party vendors will stop supporting XP as well, there are possibilities to arm your network against malware. Consider implementing an advanced malware solution within your infrastructure to detect and block malware activity from reaching your hosts as well as preventing your infected hosts from communicating outside of your network.
- How is your incident response? Prepare for the infection. Build, enhance, and test procedures to respond quickly. How do you identify? How do you contain? How do you clean? It will be a matter of when, not if, Windows XP will be compromised.
Prepare yourself. The walking dead are coming and there will be victims. Prevent the infestation from spreading.
Questions on some of the recommendations? Have some more ideas to add? Please let us know!