E&T news Story: Security fears loom over police force’s continuing use of Windows XP

Britain’s largest police force, Greater London’s Met, uses the decomissioned Microsoft operating system Windows XP on 18,000 computers, a Tory politician has revealed.

Go to the profile of Georgina Bloomfield
Jun 28, 2017
0
0
Upvote 0 Comment

By Josh Loeb

Britain’s largest police force, Greater London’s Met, uses the decomissioned Microsoft operating system Windows XP on 18,000 computers, a Tory politician has revealed.

Britain’s largest police force is now facing fresh cyber-security fears over its use of the outdated operating system.

The Metropolitan Police uses Windows XP more than any other operating system despite fears it is not fit for purpose, a leading member of the Conservative group on the London Assembly today said.

Steve O’Connell obtained the information through a written question to Mayor of London Sadiq Khan. 

O’Connell said: “The recent cyber-attacks on Parliament and the NHS show what a serious matter this is. The Met is working towards upgrading its software, but in its current state it’s like a fish swimming in a pool of sharks.”

Microsoft recently took the unusual step of issuing a new security patch for the decommissioned software over fears that a glitch has made it susceptible to hackers.

The cyber attack on the NHS last month was widely blamed on the health service’s use of Windows XP, for which Microsoft no longer provides IT support.

A recent audit by the Information Commissioner’s Office said use of the software could affect the secure handling of personal information.

The news comes amid reports of the latest cyber attack on Ukraine and parts of the European Union.

Patrick Hunter, director at IT company One Identity, said: “All computer systems are vulnerable, on all operating systems, on all versions. Just because a company isn’t running Windows XP, it doesn’t mean that they are going to be immune.”

Tim Erlin from Tripwire, another cyber-security firm, said: “The recent WannaCry outbreak in the UK has shown us what happens when government entities and national infrastructures are not protected from today’s cyber threats.”

A spokesman for the Metropolitan Police said the force was “undergoing a complete refresh” of its information technology processes, infrastructure, and equipment, including desktop computers.

They added: “However, the upgrade programme is not as simple as it would be for many other organisations due to the amount of specialist legacy software upon which parts of the MPS [Met] still rely.

“Replacements or remediation for this software that are compatible with a more modern operating system have to be ready before the roll-out is completed to ensure continued operational effectiveness.

“We have completed the upgrade of just over 17,000 devices to Windows 8.1, and this reduces the number of desktops running Previous XP to around 10,000.

“The entire Met ICT estate has a number of layers of industry-leading security, which we have been monitoring closely over the past 24 hours. The MPS estate currently remains un-impacted by the cyber-attack and our security checks continue.”

You can read this story and others on E&T's site here.



Go to the profile of Georgina Bloomfield

Georgina Bloomfield

Digital Content Editor, The Institution of Engineering & Technology

Please sign in or register for FREE to comment