Thank you. I think there is legal liability for companies that do business on the web concerning this. That is probably why it is happening.
I have no ideal how risky for an individual it is. This deadline date was know long ago. So it is not driven by recent threats.
My solution may be a clean install of a new Linux distribution. One that is out of the box very secure.
I hate backingup for the clean install, but my current distribution has ceased to be something that can be updated.
It takes an hour to build the box. A bit longer than that to do the initial load of updates, then do the restore overnight whilst I sleep. Next morning, I have a box ready to go. (minus some support programs that I discover I'm missing as time goes by and I re-add them.
Someday, I'm actually going to be smart and keep an accurate list of the other packages I install over time. Never have been able to really manage that because I'm lazy.
BTW, using backintime makes it really easy to make a backup for offsite storage. I hook up the external drive for offsite backup, umount /backup, then mount the drive to /backup. Since I run a full backup every night, the next morning I'll umount /backup, mount the original /backup device, and I'm ready to go.