Hospitals At Risk Due To Outdated Operating Systems

The risks associated with older operating systems that are no longer supported by security updates has been highlighted in a new report.

The IoT report, from Unit 42 at Palo Alto Networks, has warned that the healthcare sector “is in critical shape” due to the fact they are using network-connected medical equipment such as X-RAY machines, that often run end-of-life operating systems with known vulnerabilities.

These outdated operating systems include Windows XP (released in 2001), Windows Vista (released in 2006), and Windows 7 (released in 2009).

Old operating systems

Microsoft ended its official support for XP back in April 2014, and it also canned support for Windows 7 in January this year.

The fact that hospitals are still running X-RAY and MRI machines, as well as CAT scanners, using these old unsupported operating systems makes them vulnerable to exploitation.

Indeed, Unit 42 found that more than four out of five medical imaging devices it reviewed were running on unsupported operating systems.

Indeed, it examined 1.2 million internet-connected devices in hospitals and other businesses and found that 83 percent of these network-connected devices run outdated software.

Hospitals are not the only organisations at risk of out of date software.

In 2017 for example Greater Manchester Police was found to be still using Windows XP, despite Microsoft ceasing support for the venerable operating system back in 2014.

Hack risk

But the research prompted a warning from security experts about the dangers posed by unsupported machines.

“If these machines are hooked up to unsupported and out-of-date operating systems, they are in a seriously dangerous position – effectively playing Russian roulette with their cyber security,” explained Jake Moore, cybersecurity specialist at ESET.

“These machines are could be extremely vulnerable to new threats and will be a direct target for cybercriminals,” said Moore. “If 83 percent of these devices are running outdated software, they have clearly not learnt from the WannaCry fiasco in 2017, and are leaving themselves open to new attacks.”

“However, organisations that still use Windows 7 may be paying for extended support, which may not be clear at first,” said Moore. “All I can suggest is that they have a scheduled plan in place for when they decide to move over to more up-to-date systems to better protect themselves from future threats.”

In July 2019, researchers at Imperial College London warned that the NHS remains vulnerable to cyber-threats such as WannaCry, and called on it to take “urgent steps” to improve cyber security.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Tesla Reaches $1 Trillion Valuation

Car maker Tesla now worth at least double that of Toyota, Volkswagen and Ford combined,…

2 hours ago

Australia Funds Telstra Buy Of Digicel Pacific To Thwart China

Strategic blocking? Australian government joins forces with Telstra to acquire Digicel Pacific, after interest from…

3 hours ago

Apple ‘Very Likely’ To Face DoJ Antitrust Lawsuit – Report

Two year investigation by Department of Justice of tech giants has seen acceleration of Apple…

4 hours ago

France Holds Secret Talks With Israel Over NSO Spyware

Top adviser to French President holds talks with Israeli counterpart to discuss NSO spyware allegedly…

5 hours ago

Facebook Making Online Hate Worse, Whistleblower Tells MPs

Frances Haugen answered questions from the UK parliament's Joint Committee on Monday, after cache of…

6 hours ago

Silicon UK In Focus Podcast: Women In Tech

Today we are speaking to Joanne Thurlow, Head of IT for Siemens Energy, Industrial Application…

7 hours ago