"We kept using the old server because it was stable until it got hacked."
COMPANY
Sector: Public Administration
Size: 600 employees
Location: Wallonia
FACTS & FIGURES
5 servers running Windows Server 2012 past end-of-life
No security updates available
Business Impact: Exploited via unpatched RDP vulnerability
STORY
A local administration in Charleroi continued running critical applications on outdated Windows Server 2012 systems, long after Microsoft had ended support. Administrators argued the systems were stable and replacing them was costly. Unfortunately, attackers scanned the internet for vulnerable systems and exploited an unpatched RDP vulnerability. They gained control of the servers, extracted sensitive citizen data, and disrupted online services for weeks.
INCIDENT OVERVIEW
End-of-life systems are silent liabilities. They operate as usual, but without updates they are defenseless against known exploits. Every vulnerability disclosed after end-of-support is essentially a roadmap for attackers, who know no fix will ever come. Here, the belief that stability outweighed security left critical servers exposed, allowing attackers to weaponize old flaws for devastating results. The absence of lifecycle management transformed legacy servers into permanent backdoors.
BUSINESS IMPACT
Exposure of citizen personal data
Loss of public trust and credibility
High costs for emergency system upgrades
SECURITY MEASURES
Establish lifecycle management policies for operating systems
Migrate to supported versions promptly
Use virtual patching as a temporary mitigation