The problematic security legacy of the NHS

Published just days before the NHS found itself held to ransom by a WannaCrypt0r attack, I was predicting just that…

Is it time to pull life support from legacy software, both at operating system and application level? If you are looking at this issue from a purely security-focused perspective, that time was in fact a while ago.

Yet the NHS legacy threat refuses to die. Support for Windows XP was withdrawn in April 2014, but as many as 20% of NHS organisations could still be relying upon it as their primary operating system, and around 90% are thought to run something on it somewhere in the organisation.

I’d be willing to bet what little I have that you could apply that to Windows Server 2003 and unsupported legacy applications as well. Something must change, and change before something gives way. And by the latter ‘something’ I really mean security.
