Federal Friday - 3.21.14 - A Day of Reckoning

Blog Post created by jschim Employee on Mar 19, 2014

Friday at last...


Hello federal friends! I'm pleased to announce that the sun is setting here in Boston at 6:58pm tonight and there is Major League Baseball being played this weekend. Spring officially happened yesterday, which should help those of you in DC put Monday's snow day out of sight and out of mind.


Did my ominous title catch your attention? Don't worry, this is not the end of times, or even the end of days for that matter (thank goodness), and most likely no loss of life will come of this. Unless you are XP, in which case April 7th will in fact be your last day. As it was written by Microsoft, support for XP runs out on April the 8th of this year. However, much like we saw in Ghostbusters, end of life doesn't mean the spirit, or in this case the use of the OS, goes away.


While there is a big push in the fed space to remove XP from all networks, especially the critical and sensitive parts of those networks, the reality is it won't be done by 4/8. You, or teams within your agency, have been working tirelessly to replace this OS, but it's a daunting task. While the easiest way to solve the issue is simply to install an up-to-date OS, the reality is that there are a multitude of applications that this change can affect. As we all know, not every application plays nicely with newer Windows versions. This adds another layer of complexity to an already complicated situation.


Yet, by continuing to run XP, you are seriously increasing the risk in your network. Many attackers have been stockpiling vulnerabilities within XP and keeping them quiet until Microsoft ends support. On top of that, you may actually fall out of compliance with standards such as HIPAA, PCI and SOX, as highlighted in an article on CSO. While these aren't always the focus of federal agencies, there are several out there that have a stake in a standard like PCI, and this could very well include 3rd parties that reside within the network, running POS for instance, that are still utilizing XP.


While there is work to be done in order to migrate to newer OS versions by year end, there are steps you can take, if you haven't already, to protect your network. GCN listed 3 steps to take to organize your transition and 2 additional steps to help protect the current state of your network.

  • Know what machines are running XP.
  • Know why users are running it and what apps or services they are supporting.
  • Plan not only the transition from XP, but what additional transitions, changes or updates will be needed to the apps that these systems/users are supporting.
  • Isolate the machines from the network.
    • Hide them from the internet where possible.
  • Closely monitor traffic to and from these machines.
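
The inventory and monitoring steps above can be joined in one check: take the list of XP machines and report any traffic between them and addresses outside the internal network. This is an added example, not code from GCN or from the original post; the CSV column names, the `10.0.0.0/8` internal range and all sample records are constructed assumptions.

```python
import csv
import io
import ipaddress

# Assumption: everything inside these ranges counts as "internal".
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample data: an asset inventory export and a few flow records.
INVENTORY_CSV = """hostname,ip,os
hr-desk-07,10.20.1.15,Windows XP Professional SP3
pos-term-02,10.30.4.8,Windows XP Embedded
eng-lt-11,10.20.2.40,Windows 7 Enterprise
"""
FLOWS_CSV = """src,dst,dst_port
10.20.1.15,10.20.0.5,445
10.20.1.15,203.0.113.10,80
10.30.4.8,10.30.0.2,1433
10.20.2.40,203.0.113.10,443
198.51.100.7,10.30.4.8,3389
"""

def xp_hosts(inventory_csv):
    """Map IP -> hostname for every machine whose OS string names XP."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["ip"]: r["hostname"] for r in rows if "windows xp" in r["os"].lower()}

def is_external(addr):
    """True when the address lies outside every configured internal range."""
    ip = ipaddress.ip_address(addr)
    return not any(ip in net for net in INTERNAL_NETS)

def review_flows(inventory_csv, flows_csv):
    """Per XP host, list the flows that cross the internal/external boundary."""
    xp = xp_hosts(inventory_csv)
    findings = {}
    for f in csv.DictReader(io.StringIO(flows_csv)):
        src, dst, port = f["src"], f["dst"], int(f["dst_port"])
        if src in xp and is_external(dst):
            findings.setdefault(xp[src], []).append(("outbound", dst, port))
        elif dst in xp and is_external(src):
            findings.setdefault(xp[dst], []).append(("inbound", src, port))
    return findings

if __name__ == "__main__":
    for host, hits in review_flows(INVENTORY_CSV, FLOWS_CSV).items():
        for direction, peer, port in hits:
            print(f"{host}: {direction} external traffic, peer {peer}, port {port}")
```

Traffic that stays inside the internal ranges is not reported here, so the output is a list of XP machines that are not yet hidden from the internet.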


Given the workload most security teams currently face, I would like to add a point that GCN left off: communication, both internally and with your security vendors, so that the threat of XP in your environment is highlighted and every stakeholder is aware of your situation. As G.I. Joe has taught us, "Knowing is half the battle."