Some of the biggest businesses in the world still run legacy systems somewhere in their organization. I work for one of the top 5 retail data processors in the world and we have a handful of ancient legacy apps that can’t run on anything more modern than Server 2012.
And almost none of them take the proper precautions for vulnerable systems.
I mean for fuck’s sake, Office Depot’s Southeastern regional headquarters’s HVAC system is (well as of 2019 when I last checked) is controlled by a truly decrepit Windows 2000 box THAT IS NETWORK CONNECTED!
All it takes is one compromised device, and there isn’t a single company I’ve worked for (and I’ve worked for several bigger ones) that didn’t have at least one vulnerable device network connected.
Companies probably will.
Some of the biggest businesses in the world still run legacy systems somewhere in their organization. I work for one of the top 5 retail data processors in the world and we have a handful of ancient legacy apps that can’t run on anything more modern than Server 2012.
And almost none of them take the proper precautions for vulnerable systems.
I mean for fuck’s sake, Office Depot’s Southeastern regional headquarters’s HVAC system is (well as of 2019 when I last checked) is controlled by a truly decrepit Windows 2000 box THAT IS NETWORK CONNECTED!
Sigh. You said it yourself, somewhere. Not everywhere.
And this distinction is important why?
All it takes is one compromised device, and there isn’t a single company I’ve worked for (and I’ve worked for several bigger ones) that didn’t have at least one vulnerable device network connected.
Hahahahahaha…breathes…,… hahahahah
But in all seriousness, they %100 will not. There are still companies that have winxp machines and servers on 2000/2003.
There is an entire sector of the secops industry built on protecting these machines.
Not 100%, but most big businesses will.