7 places you’ll be surprised to learn are still using Windows XP

Microsoft announced in April of 2014 that it would no longer support the 13-year-old Windows XP operating system. However, now, more than a year later, Kaspersky Labs and Net Applications both report that between 16-17 percent of computer users still use XP. You may think that it’s mostly consumers, but the reality is that millions of business-critical systems are still running Windows XP, leaving them open to potential security issues. “When a company ends support, like Microsoft did, then vulnerabilities don’t get fixed. If these vulnerabilities get public, [they] will be all over the Internet and easy to exploit. The problem with XP is that it was such a good, robust system that is still has quite a large user base,” says Andrey Pozhogin, senior product marketing manager at Kaspersky Lab North America.

We were surprised to uncover some large organizations still relying on this retired technology. Here’s a look at seven places you wouldn’t expect to still be using Windows XP.

According to a recently unclassified Navy document, Microsoft applications affect “critical command and control systems” on ships and land-based legacy systems, leaving them open to potential cybersecurity risks. But they aren’t standing idly by as they work to rid themselves of these legacy systems.

According to an IDG News Service report, the U.S. Navy just entered into a $9.1 million contract that would keep the XP security patches and updates coming until 2017. Over the entire length of the contract, the total will near $31 million.

“Without this continued support, vulnerabilities to these systems will be discovered, with no patches to protect the systems,” the Navy document says. “The resulting deterioration will make the U.S. Navy more susceptible to intrusion … and could lead to loss of data integrity, network performance and the inability to meet mission readiness of critical networks.”

The Navy is also paying for continued support for Microsoft’s Office 2003, Exchange 2003 and Server 2003. The Navy has been transitioning away from the obsolete systems but at the time of this report it has more than 100,000 workstations running Windows XP and other aging systems.

Last year, Forbes reported at an alarming 75 percent of life-sustaining water utility companies were still operating using Windows XP. Numbers like that make this area vulnerable to cyber attacks. According to Matt Wells, general manager for automation software at GE Intelligent platforms, the utilities industry are slow to adopt new technologies but with the ending of XP support, cloud computing will help these outfits transition to newer technology.

From the heat in many homes to the electricity that powers your PC and keeps your lights burning, Windows XP is still being used on workstations in a majority of the electric and gas utilities in the U.S., according to Michael Assante, the former vice president and CSO for the North American Electric Reliability Corp. and former CSO for American Electric Power Company Inc., in a recent Forbes article.

And the energy industry is worried, according to a report from last August. In fact, cybersecurity has moved onto the list of the top five concerns for U.S. electric utilities, according to data from a recent U.S. News and World Report article, which reported that “…if only nine of the country’s 55,000 electrical substations were to go down — whether from mechanical issues or malicious attack — the nation would be plunged into a coast-to-coast blackout.” Federal regulators have stepped in adding cybersecurity standards for the electric industry. Cybersecurity, according to the report, has “surged in the ranking of the Top 10 industry issues … leapfrogging two spots to number four.”

While not an XP issue, this Gizmodo article reports that in 1985, the Grand Rapids School District put into service a Commodore Amiga, programmed by a local student, to control heating and cooling services throughout its 19 public schools. Well, 30 years later, the Amiga is still faithfully performing its duties, although not without its share of repairs and replacement parts over the years. The best part is that the same student who originally programmed the system still lives locally and makes himself available to administer and repair any hiccups along the way. “The kid who programmed the machine is the only one who knows how to fix them,” Gizmodo reports.