In three months, Microsoft will discontinue support for Windows 7, the legacy operating system that first debuted in 2009. Although announcements about this “end of life” milestone have dominated the news in 2019, the overall market share for Windows 7 still stands at 30%, meaning that millions of computers and computer users remain at risk.
The latest virus to take advantage of Windows 7’s vulnerabilities is Smominru, a credential-stealing botnet reportedly infecting nearly 100,000 machines and 5,000 networks a month worldwide. Although Smominru first appeared in 2017, its status as a threat on security experts’ radar increased exponentially in 2019.
Earlier this summer, research revealed that the cyberattackers responsible for the virus had started harvesting additional data from infected machines. Small servers hosting one to four individual computers are still the main target for Smominru—which means that small businesses still running Windows 7 stand to suffer the most as January 14, 2020, the end-of-support date approaches.
Market share statistics reveal that the number of Windows 7 users is steadily dropping—a rare bright spot on the cybersecurity landscape. Between October 2018 and October 2019, Windows 7 usage dropped from 40% of all operating systems to 30%, while the number of users with Windows 10 installed rose from 40% to 50%.
In many cases, legacy accounting or data management software will only run on Windows 7, while financial concerns may also prevent many businesses from upgrading to Windows 10. On older machines, those upgrades can be particularly costly or time-consuming, making the purchase of new machines necessary.
In addition, many small businesses may choose to stick with Windows 7 out of a sense of fear, choosing the tried-and-true option over the unknown. But is it smart to risk a virus infection or a data breach that could cripple a business instead of investing in a secure IT environment?
If the aforementioned Smominru virus doesn’t convince you, consider this: in 2014, when Microsoft ended support for its popular Windows XP operating system, more than 40% of the world’s one billion Windows-powered computers were affected. Over the next few years, multiple ransomware attacks (most notably WannaCry) targeted machines still running the legacy operating system. Even as hackers continue to target its vulnerabilities time and time again, nearly 3% of the world’s computers still use Windows XP. The only question now, with Smominru still active and Windows 7’s January 14, 2020 end-of-life date looming, is how many potential cybercrime victims will hesitate and put their businesses, their systems, and their data at risk?
With just over three months left until January 14, 2020, now’s the time to act if you still have a desktop or laptop running Windows 7. Any upgrades or replacements should be implemented soon so you have time to work with a trusted IT provider on a smooth transition to avoid any downtime or interruptions.
That depends on the age of your desktop or laptop. The general rule of thumb for business machines is that anything more than three years old should probably be replaced; if a computer is less than two years old, it’s probably capable of handling an upgrade to Windows 10. This scenario will differ from business to business, with several factors—computing speed needs, graphic capabilities, hard drive requirements, and more—coming into play.
That’s why advance planning and the assistance of a trusted IT advisor are key.
Navigating the end of Windows 7 and the move to Windows 10 will require several things: a smart strategy that takes cost, timetable, and cybersecurity concerns into consideration. Conducting an assessment of your company’s current infrastructure is the key first step to identifying any looming vulnerabilities.
Need more information about Windows 7’s coming end of support? Want to know whether your computers are at risk? Contact CMIT Solutions today. We’ve assisted thousands of businesses through update/upgrade situations like this one, and we know how to help clients survive and thrive in today’s challenging cybersecurity environment. At CMIT, we worry about IT so you don’t have to.