The UK National Health Service is Still Using Windows XP

  • The UK NHS is still using Windows XP, risking a devastating cyber-attack from malicious actors.
  • The number of computers that use the outdated OS is small, but still enough.
  • The UK government plans to update everything to Windows 10 by April 2021, but it looks difficult at this point.

Joanne Marie Platt, a member of the UK parliament, has submitted a question to the Secretary of State for Health and Social Care, asking about the number of computers in the NHS (National Health Service) that are using the obsolete Windows XP operating system. The response came from MP Jackie Doyle-Price, and the answer is approximately 2300 computers or 0.16% of the total number of machines that are deployed in NHS’s service. While the percentage is admittedly very low, people who understand how security works can easily deduce that the number is more than enough to offer attackers way into the NHS network and databases.

Windows XP is a system that has been abandoned by Microsoft since 2014, so these 2300 have not received any security updates in the past five years. This means that they carry a mind-boggling number of vulnerabilities right now, allowing attackers to choose from a galore of possible entry points, exploitations, and well-known and documented security flaws. With NHS not being able to upgrade their systems five years after Microsoft’s announcement for the end of the XP support, people justifiably wonder what will happen with the Windows 7 support that ends on January 2020.

The governmental plan is to upgrade all systems to Windows 10 until April 2021, and for this, they have invested a total of £210 million that will go to the improvement of the systems’ resilience against attacks, the implementation of systems that are devoted to the detection and response to incidents, and the upgrading of OS and software tools. With some offices and departments using legacy software tools to carry out their role, there are some systems that can’t be upgraded to a newer OS, as these tools will no longer be compatible. For these cases, the NHS will need to pay developers to either port the tools or order the creation of new ones.

This news is very similar to a recent report by a subcommittee of the US HSGA (Homeland Security and Government Affairs) which found that the majority of the US government agencies are not compliant to the NIST framework. According to the report’s findings, the DHS (Department of Homeland Security) is still using Windows XP and Windows Server 2003. In both the UK and the US, these agencies hold and manage sensitive citizen data, and so the modernization of the deployed systems should be an absolute priority for their governments. The fact that it isn’t, and no matter the specific reasons, shows how much the private data of citizens are valued by their political representatives.

Do you have something to say on the above? Let us know of your opinion in the dedicated section below, or share your views with our online community on our social media on Facebook and Twitter.

How to Watch America’s Funniest Home Videos Season 34 Online from Anywhere
What could be the best way to make money, spread laughter, and have a blast simultaneously? The answer: America's Funniest Home Videos....
How to Watch Family Guy Season 22 Online Free from Anywhere
Family Guy Season 22 continues to follow the funny day-to-day activities of the Griffins, particularly Peter’s. The new season is set to...
How to Watch Bob’s Burgers Season 14 Online from Anywhere
Bob's Burgers has been entertaining us with its unique charm and warmth for over 10 years. The Belcher family—Bob, Linda, and their...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari