The Federal Bureau of Investigation has sent a private industry notification (PIN) on Monday to partners in the US private sector about the dangers of continuing to use Windows 7 after the operating system reached its official end-of-life (EOL) earlier this year.
"The FBI has observed cyber criminals targeting computer network infrastructure after an operating system achieves end of life status," the agency said.
"Continuing to use Windows 7 within an enterprise may provide cyber criminals access into computer systems. As time passes, Windows 7 becomes more vulnerable to exploitation due to lack of security updates and new vulnerabilities discovered.
"With fewer customers able to maintain a patched Windows 7 system after its end of life, cyber criminals will continue to view Windows 7 as a soft target," the FBI warned.
FBI urges companies to update devices
The Bureau is now asking companies to look into upgrading their workstations to newer versions of the Windows operating system.
To this day, Microsoft still allows Windows 7 systems to be upgraded to Windows 10 at no cost -- even though the offer officially ended in July 2016.
However, in some cases the PC's underlying hardware may not support the (free) upgrade to a much more demanding system like Windows 10, a challenge the FBI acknowledged in its alert, citing the costs companies might incur to buy new hardware and software.
"However, these challenges do not outweigh the loss of intellectual property and threats to an organization," the FBI said -- suggesting that companies should keep an eye on the bigger picture down the road and how future losses from possible hacks might easily outweigh today's upgrade costs.
The agency specifically cited the previous Windows XP migration debacle as the perfect example of why companies should migrate systems as soon as possible, rather than delay.
"Increased compromises have been observed in the healthcare industry when an operating system has achieved end of life status. After the Windows XP end of life on 28 April 2014, the healthcare industry saw a large increase of exposed records the following year," the FBI said.
Weaponized Windows 7 vulnerabilities already exist
The FBI also cited several serious Windows 7 vulnerabilities that have been frequently weaponized over the past few years.
These include the EternalBlue exploit (used in the original WannaCry outbreak and by multiple subsequent crypto-mining operations, financial crime gangs, and ransomware gangs) and the BlueKeep exploit (which allows attackers to break into Windows 7 devices that have their RDP endpoint enabled).
The agency said that despite the presence of patches for these issues, companies have failed to patch impacted systems. In this case, replacing older and abandoned systems may be the best solution overall.
While companies are looking into upgrading systems, the FBI recommends that they also look into:
- Ensuring anti-virus, spam filters, and firewalls are up to date, properly configured, and secure.
- Auditing network configurations and isolating computer systems that cannot be updated.
- Auditing your network for systems using RDP, closing unused RDP ports, applying two-factor authentication wherever possible, and logging RDP login attempts.
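As an added example that is not part of the FBI notification or this article, the Python triage script below combines the last two recommendations: it flags inventory hosts that are past end of life and still expose RDP, and counts failed RDP logons (Windows Security Event ID 4625 with LogonType 10, i.e. RemoteInteractive) per target host and source address from a constructed, simplified log export. The inventory, the one-line log format, and the alert threshold are assumptions for the example.

```python
import re
from collections import Counter
# Operating systems past end of life (Windows 7 reached EOL on 14 January 2020).
EOL_OS = {"Windows XP", "Windows 7"}

# Constructed asset inventory: hostname, OS, whether RDP (TCP 3389) is listening.
INVENTORY = [
    {"host": "WKS-01", "os": "Windows 10", "rdp_enabled": True},
    {"host": "WKS-07", "os": "Windows 7", "rdp_enabled": True},
    {"host": "LAB-03", "os": "Windows 7", "rdp_enabled": False},
    {"host": "SRV-02", "os": "Windows Server 2016", "rdp_enabled": True},
]

# Constructed, simplified Security-log export: EventID 4625 = failed logon, LogonType 10 = RDP.
LOG_LINES = """\
2020-08-03T02:14:11 host=WKS-07 EventID=4625 LogonType=10 TargetUser=administrator SourceIP=203.0.113.45
2020-08-03T02:14:12 host=WKS-07 EventID=4625 LogonType=10 TargetUser=admin SourceIP=203.0.113.45
2020-08-03T02:14:14 host=WKS-07 EventID=4625 LogonType=10 TargetUser=backup SourceIP=203.0.113.45
2020-08-03T02:14:15 host=WKS-07 EventID=4625 LogonType=10 TargetUser=guest SourceIP=203.0.113.45
2020-08-03T02:14:16 host=WKS-07 EventID=4625 LogonType=10 TargetUser=test SourceIP=203.0.113.45
2020-08-03T02:20:01 host=WKS-01 EventID=4625 LogonType=2 TargetUser=jdoe SourceIP=-
2020-08-03T02:21:40 host=WKS-01 EventID=4624 LogonType=10 TargetUser=jdoe SourceIP=10.0.0.12
2020-08-03T02:22:09 host=SRV-02 EventID=4625 LogonType=10 TargetUser=svc_sql SourceIP=10.0.0.12
"""

LINE_RE = re.compile(r"host=(?P<host>\S+) EventID=(?P<event>\d+) LogonType=(?P<ltype>\d+) "
                     r"TargetUser=\S+ SourceIP=(?P<src>\S+)")

def eol_hosts_with_rdp(inventory):
    """Hosts that are both past EOL and reachable over RDP: isolate or replace these first."""
    return sorted(h["host"] for h in inventory if h["os"] in EOL_OS and h["rdp_enabled"])

def failed_rdp_logons(lines):
    """Count failed RDP logons (4625 with LogonType 10) per (target host, source IP)."""
    counts = Counter()
    for line in lines.splitlines():
        m = LINE_RE.search(line)
        if m and m["event"] == "4625" and m["ltype"] == "10":
            counts[(m["host"], m["src"])] += 1
    return counts

def rdp_bruteforce_alerts(lines, inventory, threshold=5):
    """Sources at or above the failure threshold; an EOL target raises the priority."""
    eol = set(eol_hosts_with_rdp(inventory))
    return [{"host": host, "source": src, "failures": n,
             "priority": "high" if host in eol else "medium"}
            for (host, src), n in failed_rdp_logons(lines).items() if n >= threshold]

if __name__ == "__main__":
    print("EOL hosts exposing RDP:", eol_hosts_with_rdp(INVENTORY))
    print(rdp_bruteforce_alerts(LOG_LINES, INVENTORY))
```

Local (LogonType 2) failures and successful RDP logons (4624) are deliberately left out of the count so that only remote failed attempts drive the alert.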