Guest blog: 46% of UK Councils using out of date server software

The impact is that affected councils are unduly exposed to cyber threats compared with those using supported software.

A Freedom of Information request, made by COMPAREX UK, showed that 46% of councils across the country are still using one or more of Windows Server 2000, Windows Server 2003 or Microsoft SQL Server 2005. All of which are no longer supported by Microsoft and not receiving security patches.

The resulting security holes – “vulnerabilities” – could potentially be exploited by attackers to gain access to councils’ data.

Best Practice

The cyber threat is always evolving and growing, but the use of such outdated software is an unnecessary risk and councils have had plenty of warning over the risks they face.

This news that so many councils continue to use outdated software highlights the need for an urgent shift in mindset. They need to stop wondering if a cyber incident will impact them and accept that it’s more likely a case of when.

Hacking has become easier than ever thanks to the release of mass-produced exploitation kits that are readily available to anyone with a Tor browser, access to the Dark Web and some bitcoins. But as with most criminals, hackers prefer easy targets. The chances are high that if you have some basic security software installed and have kept your machine up to date with the latest patches, a hacker will pass you by as they seek out easier prey. The same rules apply online as well as offline. Make yourself an easy target, and you will become a victim.

How to stay up to date

We know that council budgets have been under strain the past few years due to cutbacks but that doesn’t really excuse them using such out of date software. Staying up to date and keeping the wealth of sensitive data they hold secure needs to be a priority.

Upgrading to the latest software is just one part of the puzzle when it comes to staying secure, however. Effective patch management also needs to be introduced as well as an incident response plan and staff training.

New automated security services such as XQ Cyber’s CyberScore™ can assist with this.

Share this

FROM SOCIAL MEDIA

A full list of our recent events is here: https://t.co/0R30jnHjDG A big thanks to everyone who helped us along th… https://t.co/zGzO3wANtM
And we entered the festive season with a discussion about the Government’s new Vision for Digital Health and Care w… https://t.co/5ZWpHJHW3I
And as the nights closed in, we launched #Manifesto4Matt with 250+ people at our Industry Dinner. @MattHancock welc… https://t.co/c9WPSsGtNo
We began November with a Supplier Development Day to help companies to get on to @NHSEngland 's HSS Framework. 62 c… https://t.co/X1sCp8FbYZ
In October we headed to Liverpool to explore just how much 5G could transform the health and social care sector to… https://t.co/3WXKUkScmX
At the start of Sept we decamped to Manchester for @ExpoNHS and hosted two insightful discussions with… https://t.co/sbOD1ImvBt
In August we hosted 6x GPIT Futures webinars with @NHSDigital ... and at the end of the month co-hosted a fascinati… https://t.co/9aXgmRtJgv
In July some quick-footed players took a break from the World Cup to display their agility and skills at an interac… https://t.co/bglCKYBpB5
In June we were joined by @NHSDigAcademy CEO @ukpenguin Rachel Dunscombe and @NHSCCIO to set out concrete steps on… https://t.co/hhkA5km1Ea
We kicked off May with @TJamesHawkins @NChishick @JamesTnorman leading our @NHSDigitalbriefings; and enjoyed pizza… https://t.co/ltam2iTXvh