PUBLIC bodies in Dorset have left hundreds of computers vulnerable to cyber attacks by using software which has been deemed a security risk since 2014.
Hospitals and councils are among those still using Windows XP, an operating system which manufacturer Microsoft stopped supporting with security fixes three years ago.
Large parts of the NHS and many other organisations were recently plunged into chaos by the WannaCry ransomware virus. Hacks can put the public’s personal data at risk as well as disrupting services.
One IT expert has branded the continued use of XP “unacceptable”.
Royal Bournemouth and Christchurch Hospitals have 90 machines running the system, Poole Hospital 48 and Dorset County Council 80.
Dorset County Council has 52 self-service machines using Windows XP in libraries, although it says the risk is “reduced” because they are not on the council’s core network. A business case for replacing them was being considered last week.
It also has “fewer than 20” staff with council-issued computers using XP. They could access the council’s network and data until last week.
The council also has six XP machines running Scanning Station software and two running door security management.
A statement from James Ailward, the council’s service manager for ICT and customer services, said: “We operate a complex ICT infrastructure, supporting many public service functions using hundreds of different software applications.”
Some software was not compatible with later Windows operating systems. “But until an alternative is available it is not possible to remove the XP devices as that would impact on our ability to provide those public services,” he said.
The two hospital trusts both said their ability to ditch Windows XP was “constrained by some business critical applications that require XP for them to run”, adding: “We are currently reviewing this position.”
Rob Rutherford, chief executive of Dorset-based IT consultancy QuoStar, said it was “unacceptable” that public bodies were still using Windows XP.
“They’ve known the risk ever since XP has been unsupported,” he said.
“It’s still there for people to find flaws in the operating system. They’re always finding flaws even in operating systems that are supported.”
Mark Gracey, owner of consultancy Flavourfy Digital, said: “If we learn anything from the recent ransomware issues it is to keep your software and systems up to date where possible.
“The same is true for your website software, smart phones, etc.
“Running unsupported or out of date software increases the chances of a security vulnerability remaining unpatched, which can not only impact your business in terms of time and resources to recover but also puts your business and customers’ data at risk.”
Dorset Police said it had 60 computers running XP but they could not access the internet or the force’s system. At the time of going to press, it had not said how recently they had been disconnected from the internet.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereLast Updated:
Report this comment Cancel