We recently received a request from a concerned citizen as to whether it is OK to continue using his Windows 7 PC to remotely connect into CERN. And he was right to be concerned: running Windows 7 is about as secure as running naked through the quarantine ward and hoping not to contract an infection. Would you dare?
Support for Windows 7 ended in January 2020. Apart from for some customers who are paying an extra fee, Microsoft has stopped providing any assistance and security fixes for that version of their operating system. Auto-updates are idle and do not improve the security anymore. Unless you have put additional measures in place, like having it fully disconnected from receiving e-mails or browsing the Internet, or by channeling all traffic through a tightly controlled gateway, your PC is vulnerable. Unprotected. Unsecure. Ready to be infected. In fact, it’s probably already infected.
And with the infection of your PC, your digital life is also most likely infected. Compromised. Gone. The successful attacker, once he or she has infected your Windows 7 system, has free reign on your computer. He or she can read, copy and extract all your documents, expose your private photos and videos (unless you pay a ransom; “Malware, ransomware, doxware and the like”), encrypt all your data (unless, again, you pay a ransom; ““WannaCry”? The importance of being patched!”), enable your embedded camera and/or microphone to spy on you, send malicious e-mails on your behalf, or just steal your Facebook/Twitter/Instagram/Amazon/online banking/CERN password to abuse your digital identity on those sites. Posting embarrassing messages. Buying goods with your credit card. Redirecting your money. Threatening the integrity and operation of CERN (“Blackmailing Enterprises: You are Patient Zero”).
So, it is of the utmost importance for you and your digital life that your operating system is up-to-date. Windows 7 is dead and should be kept dead. R.I.P. Instead, upgrade to a version that is actively supported by the software vendor. Windows 10 would do. Several Linux distributions are excellent alternatives. In any case, keep your computer up-to-date, enable automatic patching, and install and run decent anti-virus software for additional protection. Furthermore, and more generally, be careful when browsing the web or answering e-mails. STOP – THINK – DON’T CLICK in the event of any doubt. Just like washing your hands regularly, these few simple recommendations will nicely reduce your computer’s risk of infections. Easy, no?
Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.