Guest blog: 46% of UK Councils using out of date server software

The impact is that affected councils are unduly exposed to cyber threats compared with those using supported software.

A Freedom of Information request, made by COMPAREX UK, showed that 46% of councils across the country are still using one or more of Windows Server 2000, Windows Server 2003 or Microsoft SQL Server 2005. All of which are no longer supported by Microsoft and not receiving security patches.

The resulting security holes – “vulnerabilities” – could potentially be exploited by attackers to gain access to councils’ data.

Best Practice

The cyber threat is always evolving and growing, but the use of such outdated software is an unnecessary risk and councils have had plenty of warning over the risks they face.

This news that so many councils continue to use outdated software highlights the need for an urgent shift in mindset. They need to stop wondering if a cyber incident will impact them and accept that it’s more likely a case of when.

Hacking has become easier than ever thanks to the release of mass-produced exploitation kits that are readily available to anyone with a Tor browser, access to the Dark Web and some bitcoins. But as with most criminals, hackers prefer easy targets. The chances are high that if you have some basic security software installed and have kept your machine up to date with the latest patches, a hacker will pass you by as they seek out easier prey. The same rules apply online as well as offline. Make yourself an easy target, and you will become a victim.

How to stay up to date

We know that council budgets have been under strain the past few years due to cutbacks but that doesn’t really excuse them using such out of date software. Staying up to date and keeping the wealth of sensitive data they hold secure needs to be a priority.

Upgrading to the latest software is just one part of the puzzle when it comes to staying secure, however. Effective patch management also needs to be introduced as well as an incident response plan and staff training.

New automated security services such as XQ Cyber’s CyberScore™ can assist with this.

Share this

FROM SOCIAL MEDIA

Conflict minerals are a huge tech issue for tech and on 29 April we’re running a conference on how businesses from… https://t.co/vuIxKDqSV7
Don't miss the #techUKAnnualDinner on Wed 10 July where you'll hear from our keynote speaker @DCMS_SecOfState - mak… https://t.co/fyMiExG7f2
Fantastic report from @WILDLABSNET @ODIHQ & @OfficeforAI on a Data Trust pilot to aid the fight against the illega… https://t.co/gcAfkp8ROh
Will nation states reach a consensus on responsibly governing cyberspace? How can AI be used responsibly to secure… https://t.co/15cCjar0jo
Congratulations to all of the companies that have been selected for this great initiative. @techUK is pleased to h… https://t.co/dSC9vKSXG0
With climate activism in the news we're holding a workshop w/ @thecarbontrust looking at how tech firms can set amb… https://t.co/DJbOWuDDCJ
@dstlmod launches first SME Searchlight event looking at Radio-Frequency systems. For more info and to register: https://t.co/ZSy2fpHCVF
We were pleased to host the last digital buying community @gov_procurement, the next meetup on 02 May hits the Nort… https://t.co/oqlnDGbMT5
Become a Member
×

Become a techUK Member

By becoming a techUK member we will help you grow through:

Click here to learn more...