The research, conducted in countries including the UK, Germany, Spain and the US, shows that businesses still rely on the legacy Microsoft OS despite security concerns. Millions of malware attacks target companies every month and hackers try to steal confidential data by taking advantage of the system’s vulnerabilities.
The Bitdefender study, carried out from March to May 2014 on a sample of over 5,000 companies in areas including retail, healthcare and education, found that enterprises that continue to run Windows XP since the April 8 end-of-support date are now more vulnerable to cyber-attacks. Users of the operating system no longer receive new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates.
“A few weeks after the end of support announcement, a new Internet Explorer zero-day vulnerability turned into a permanent threat for XP users,” states Catalin Cosoi, Chief Security Strategist at Bitdefender. “That was until Microsoft issued a patch that was made available for Windows XP users as well. However, this was an exception that shouldn’t make enterprises believe it will happen again, so the swift migration from XP is a must for all users.”
The most targeted company in the three-month analysis was a web marketing business that had to deal with almost 800 million malware attacks. Other SMBs in the top targeted industries included a logistic services firm based in the UK and an Irish retail company.
Bitdefender’s research showed that 37 per cent of SMB employees are working remotely or from home, increasing BYOD trends and security risks. At the same time, 17 per cent of SMBs allow employee-owned mobile devices full access to the VPN.
The study also showed that 53 per cent of the companies upgraded to the more secure system Windows 7 Professional. Only a small percentage of the analysed SMBs are using other Windows versions such as 7 Home Premium and Windows 8.1 Pro, while a few have also installed dedicated server products.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.