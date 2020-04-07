Statistics from Kaspersky reveal that 34% of South African computers may be at risk of infection without users' knowledge as they rely on an outdated or unsupported version of Microsoft Windows operating system (OS).

“Considering that this OS is the most popular software in the world and has a 21.15% market share in the country as at March this year, this reality is a cause for concern,” the company said.

Maher Yamout, senior security researcher for the Global Research and Analysis Team (GReAT) at Kaspersky, said there is no code without bugs and no program is perfect, which is why security updates are released to close potential holes before attackers find and exploit them.

They are especially important when it comes to the OS. If the OS is outdated or unsupported, there is significant risk that sensitive information could become compromised. “Windows does a great job with constant updates, and users should be using this opportunity to ensure protection from cyber-based threats,” Yamout adds.

A matter of time

He said that it is inevitably, that an unsupported or outdated OS will contain vulnerabilities that have not been patched. As such, bad actors can exploit these vulnerabilties to gain access to the system and all its data. If the machine in question is on a network, the entire organisation risks compromise.

“It does not matter if an organisation has the best cyber security solutions available, if there is even one device running an outdated OS then the whole company is compromised. This is as much an educational issue as it is a practical one. People are creatures of habit and many are resistant to change especially when it comes to their OS.”

Kaspersky research shows that in SA, 5% of the unsupported OS market consists of people still using Windows XP. Alarmingly, it had its end of life in 2014. “Even Windows 7 which was another popular choice for consumers and businesses alike, has seen its extended support come to an end in January this year.”

Banking threats

And this damage isn’t limited to network and data compromise, he adds. With malicious threats growing and becoming more sophisticated, unsupported or outdated operating systems are an easy target for such threats to be a success. “Let’s take malicious mobile banker packages which are designed to steal credentials and money from people’s bank accounts as an example, as it is a growing threat in the local region.”

According to Yamout, in the first two months of 2020 nearly 1% of connected South Africans were the targets of malicious bankers. “Putting this into context, the entire 2019 accounted for 1% of the local market targeted. Based on this, the projections for the remainder of the year could be massive.”

Mobile banking Trojans are the most rapidly evolving, flexible, and dangerous type of malware. “Now imagine having such sophisticated attacks targeting an outdated or unsupported OS. This virtually guarantees that the person will lose a significant amount (if not all) of funds in their banking accounts. Furthermore, it could compromise others as well, with hackers gaining complete access to their list of beneficiaries.”

He says consumers and businesses alike need to be cognizant of the risks associated with using outdated or unsupported software. “Keep software updated, and ensure the latest cyber security patches are in place. To do any less poses a digital risk that can have significant consequences,” concludes Yamout.