In the wake of the WannaCry ransomware that claimed hundreds of thousands of victims across 150 countries, Eugene Kaspersky has thrown his two cents in, dwelling mostly on the continued use of Windows XP.
"I can understand why they still use Windows XP, because if they have hundreds or thousands of PCs it's very expensive to handle all of that," the Kaspersky Lab chief said, shrugging his shoulders.
Speaking with journalists at CeBIT Australia on Tuesday, Kaspersky was asked by ZDNet what organisations could have done to prevent WannaCry's onslaught.
"To prevent these types of attacks for small businesses, it's much easier than for enterprises. They just have to have their updated systems, they have to have their backups, and they have to have security solutions -- and that's good enough," Kaspersky explained.
But when it comes to larger enterprises, he said it's far more complicated than that, pointing to the number of legacy systems often found in the wild -- mostly machines still running Windows XP.
"Trying to replace the old systems, you have budgets, downtime, and many other things, but at the same time there are many systems that are certified to Windows XP, so they can't change it -- they can't update the certificates," he said.
"I do understand the complexity of that."
Kaspersky told ZDNet that he can see a place for government intervention where sectors such as healthcare are concerned -- the sector that was among the first to fall victim to WannaCry.
"It could be a good idea for governments, nation states, to pay more attention to regulation of cyberspace at least for critical infrastructure for healthcare," he said.
Regulation of the systems in a hospital, for example, would need to mandate that such organisations have backups and patch management in place.
As a consequence, Kaspersky said, it would also need to define which applications and systems a hospital may use, as well as how much of its technology may be connected to the internet -- for a device that cannot be patched, keeping it off the network and keeping backups are the controls that remain.
But such regulation would also need to reach the manufacturers of healthcare equipment.
"In many cases, they have a certificate for the equipment and you can't change that, including the software, so in some cases they can't update and patch the software because of the certificate," he explained.
"It's Windows XP unpatched and it will stay unpatched forever."
Extended support for Windows XP officially ended on April 8, 2014; however, after the WannaCry deluge, Microsoft took the unusual step of issuing an emergency patch for unsupported systems, XP included. Supported versions of Windows had already received the fix for the flaw WannaCry exploits in March, two months before the outbreak.
Organisations infected with WannaCry were met with a demand for $300 in Bitcoin, rising to $600 if payment wasn't made within three days, along with a threat that the encrypted files would be deleted for good if no payment arrived.
While WannaCry hit over 300,000 victims around the world, only a tiny percentage have given in to the attackers' demands.
According to a bot watching the Bitcoin wallets tied to the ransomware, just 296 payments had been made as of May 22, 2017, netting the perpetrators 48.86 Bitcoins -- a figure worth approximately $104,436 at the time. Because the wallet addresses are hardcoded into the malware and every Bitcoin transaction is public, the payments can be counted by anyone; 296 payments against more than 300,000 victims means that under 0.1 percent have paid up.
"There were many reports about this huge number of victims of this attack, and there was the other side to the reports, how much money did they earn? It wasn't big money," Kaspersky explained.
"So it seems that many victims, most of the victims, they recovered from attacks.
"It seems that many enterprises already learned about these kinds of attacks and many of them have good enough backups in place."