Anyone who has visited a doctor's office or hospital may have caught a glimpse of the idle screen on a computer monitor. The last one I saw showed the Windows XP logo. Turns out there are lots of health care providers who still use Windows XP in spite of the lack of support from Microsoft. I concluded that Microsoft must have outsourced the right to help secure those old systems. But that was a wrong guess.
This comes to our attention today because of this article at NakedSecurity.sophos.com. See Windows XP ‘still widespread’ among healthcare providers:
Capture Billing, a medical billing organization based in South Riding, Virginia, estimates on its website that one in four of the world’s PCs still run Windows XP and it’s likely many healthcare facilities need to “take corrective action” immediately. The company warns that such organizations might be violating HIPAA.
Hackers who are able to sneak in ancient malware can go undetected by modern anti-virus software. But having an updated system is still no guarantee of safety. All it takes is a system connected to the internet and some gullible user clicking an unsafe email attachment. It was only a few months ago that Hollywood Presbyterian Medical Center got hacked and ended up paying ransom to get back access to their medical records.