Guest Column | January 12, 2016

Cybercrime Rule #1: Machines Are Hard, People Are Soft

By Ian Trump, Security Lead, MAXfocus

MAXfocus’ Ian Trump wonders why the predicted open season on Windows Server 2003 machines has failed to materialize.

It’s 2016, and in July 2015 we had all kinds of warnings about the end of Windows Server 2003 (W2k3). However, despite the prognostications of folks such as myself, W2k3 has not gone out with a cybercrime bang. It’s interesting to me this unsupported operating system is still in service in great numbers. Despite weaknesses such as the recently disclosed help and support center vulnerability, which can only be mitigated if specific steps are followed, there has been nothing to indicate a targeted cybercrime attack on Windows 2003 has occurred or is even imminent. Certainly the trend lines we saw in the IT press showed a concerted effort to migrate the OS to something newer.

The question remains, why has a large-scale, automated attack not occurred? There could be a number of answers to this question, but I think the central argument may be this: Attacking old servers is not sexy — attacking specialized systems like POS end-points and IoT is far more interesting and ultimately financially rewarding.

Please log in or register below to read the full article.

access the Guest Column!

Get unlimited access to:
Trend and Thought Leadership Articles
Case Studies & White Papers
Extensive Product Database
Members-Only Premium Content
Welcome Back! Please Log In to Continue. X

Enter your credentials below to log in. Not yet a member of VAR Insights? Subscribe today.

Subscribe to VAR Insights X

Please enter your email address and create a password to access the full content, Or log in to your account to continue.

or

Subscribe to VAR Insights

Please tell us more about you so that we can customize our newsletters to your specific interests:

MAXfocus