While it’s unfair to assign all the blame for the massive “WannaCry” cyberattack to any one specific party, at least some part of it comes down to people and IT organizations simply not upgrading their PCs.
The ransomware exploited a security hole in Windows XP, a 15-year-old operating system that Microsoft stopped updating in 2014. Despite its age and obsolescence, Windows XP was still used on more than 7% of PCs around the world as of April, according to NetMarketShare data charted for us by Statista.
Microsoft released a patch for XP on Friday that addressed the exploit. But that patch came two months after it issued similar ones that fixed the same flaw in more recent versions of Windows. Those who hadn’t installed those patches before the “WannaCry” outbreak now have another reminder of how crucial it is to stay up-to-date.
To be sure, it’s understandable why people might not be running a more recent version of Windows – updating equipment costs time and money. And there’s blame to go around. Microsoft’s practice of discontinuing support for older versions of its operating systems leaves those still running them vulnerable. Meanwhile, as Microsoft argued, the government’s practice of stockpiling exploits and keeping them secret makes it all the more dangerous when they’re leaked.
- Skye Gould/Business Insider/Statista