London’s Metropolitan Police uses Windows XP, vulnerable to hacking & ransomware

London’s Metropolitan Police uses Windows XP, vulnerable to hacking & ransomware
The UK’s largest police force remains highly vulnerable to hacking and ransomware attacks, as it still relies heavily on outdated Windows XP software.

Over 15,000 computers and digital devices used by the Metropolitan Police continue to run on the dated system, decommissioned by Microsoft in 2014, leaving its users vulnerable to cyberattacks.

A spokesperson for Scotland Yard told the MailOnline the force is undergoing an extensive upgrade of its IT systems, including a revamp of its desktop computers. However, they warned the transition to modern devices is hard to achieve without disrupting services.

The upgrade program is not as simple as it would be for many other organizations due to the amount of specialist legacy software upon which parts of the Met still rely.

We have completed the upgrade of just over 17,000 devices to Windows 8.1, and this reduces the number of desktops running previous XP to around 15,000,” the spokesperson said, MailOnline reports.

Vulnerabilities in outdated Windows XP software were reportedly exploited by the WannaCry ransomware that infected over 200,000 devices, disrupting the operation of numerous UK businesses and state agencies, including the National Health Service (NHS).

It was recently established that the extensive damage to the NHS systems during the WannaCry attack could have been prevented if its IT department had used up-to-date software and issued a standard cybersecurity protocol to local hospitals.

In response to that attack, Microsoft issued an emergency security patch for users of Windows XP, mitigating security lapses in the system to prevent them from being exploited by malware.

However, it is likely that a significant number of users are yet to install the update.

Last week, security at the British Parliament was compromised by a massive cyberattack, with hackers attempting to access MPs’ email accounts.

The attack raised further concerns about the urgent need to improve the security of the Met’s IT systems.

Speaking to MailOnline, London Assembly member Steve O’Connell said: “The recent cyberattacks on Parliament and the NHS show what a serious matter this is.

The Met is working towards upgrading its software, but in its current state it’s like a fish swimming in a pool of sharks.

It is vital the Met is given the resources to step up its upgrade timeline before we see another cyberattack with nationwide security implications.

Nevertheless, the Met reaffirmed that its operations are properly safeguarded against invasive cyberattacks, despite its widespread reliance on Windows XP.

The entire Met ICT estate has a number of layers of industry-leading security, which we have been monitoring closely over the past 24 hours.

The MPS estate currently remains unimpacted by the cyberattack and our security checks continue.