Tearing your hair out or just WannaCry?

May 19, 2017 | 07:00
The Scream by E. Munch
Is it over yet? Last weekend, the big story was of course the ransomware attack that succeeded in infecting, encrypting and crippling around 250,000 PCs worldwide. There was hardly a newspaper or magazine that didn’t run the story, but what impact did the attack make in the world of electronics?

Ransomware
As you are probably aware, ransomware is a self-contained piece of malicious software that carries out a cryptoviral extortion attack: it blocks access to a user’s files until a ransom is paid and displays a message requesting payment to unlock the files. Such coded nasties mostly come over the internet as attachments to emails or as a bogus link and exploit weaknesses in the operating system’s security; systems running old Windows versions are especially vulnerable. In this most recent case, a ransom of $300 to $500 in the form of a Bitcoin payment is demanded. Whether the files are actually recovered after payment is anybody’s guess.

All this, however, is not so simple for the electronics engineer. There are also allegedly other such system security weaknesses known to and exploited by government intelligence agencies to gather information covertly. Whether WannaCry was the work of an individual, an organized criminal syndicate or some government agency is still not clear, but some aspects of this attack are relevant.


Countries affected by the cyber attack. Source: Wikipedia, user Roke, CC 3.0.

Lab PCs & control systems
It’s often the case, especially in labs or in companies using older equipment, that an old PC will be whirring away hooked up to some equipment because, well, it’s always been there. Many electronics engineers are also likely to have an old PC stashed away in the basement or home lab that’s still used for a number of tasks. These days you can’t really get far using microcontroller development boards without a Windows PC. You may use it for code writing, programming, browsing the web for component data sheets and of course visiting the Elektor web site to read the latest edition. You can sometimes find an old PC still in use controlling equipment or machinery that has been in situ for years, running and maintaining original software. The common thread here is that the old PC will often be using an operating system, such as Windows XP, that is no longer supported by MS. These old work horses are even cherished and maintained; you can still find replacement old-style 80 MB hard drives on eBay because the more modern equivalents are incompatible with yesterday’s machine architecture.

Windows XP hasn’t been supported by MS for a number of years now, so it does not get regular patches. Even users of machines running Windows 7 or 8 are often reluctant to install updates for fear that the latest patch might create problems with other programs. After all: ‘If it ain’t broke, don’t fix it’.

It sounds like common sense, but it’s this sort of attitude that leaves the door open to pests like WannaCry. It’s understandable that operating system manufacturers put much more effort into making their current products more secure, but those who choose to ignore updates are living life on the edge!

Solutions
For sure, WannaCry is not going to be a one-off event; its most recent version even has the kill-switch feature removed, making it more robust. Its success will be imitated, which means many more of those vulnerable old work horses will need to be consigned to the recycling facility and replaced with modern PCs. You can always emulate old OS versions using virtual machine software running under Windows 10, Linux or OS X, with just a few mouse clicks. The effort will be worth it: it will help to ensure that one day in the future you won’t find yourself feeling that you just… Wanna cry.

PS: It’s asking for trouble to leave PCs running old, out-of-date OSs hooked up to the internet with a local network connection; WannaCry actively searches for victims. The severity of this attack has prompted Microsoft to provide patches for older versions of Windows:

Patch for Windows XP SP2 x64
Patch for Windows XP SP3 x86
Patch for Windows 8 x64
Patch for Windows 8 x86
Patch for Windows Server 2003 SP2 x64
Patch for Windows Server 2003 SP2 x86

We didn’t get hit but were you or someone you know affected by the attack?

 