According to a recent article in the New York Times, aerospace giant Boeing was hit by WannaCry. WannaCry is particularly insidious for two reasons. First, the payload itself, known as “Eternal Blue”, was designed by none other than the NSA. Secondly, North Korea used Eternal Blue to build a worm – meaning that WannaCry can propagate itself through a network without human interaction.
While I can’t speak for Boeing specifically, manufacturers tend to have high numbers of old operating systems such as Windows XP on their networks. This is because Windows XP “Embedded” edition was used in high numbers to run not only manufacturing equipment, but all sorts of other controllers such as HVAC and alarm systems. Since getting rid of Windows XP would mean replacing machinery that could cost hundreds of thousands of dollars or more, manufactures instead make the reasonable business decision to keep XP around.
The problem is, that since Microsoft no longer issues regular patches for Windows XP (and several other old versions of Windows), that these machines tend to fall out of the IT patch management cycle. However, WannaCry was so bad that Microsoft made the unusual move of issuing a patch for all versions of Windows past and present.
Stronghold Cyber Security does a lot of cyber security work with manufacturers, and we keep finding this vulnerability, known by its Microsoft name as MS17-010, even though the patch was made available back in May of 2017. In one recent case, we found that our client had over 70 vulnerable systems on their network. If WannaCry were to get onto this particular network, the results could be an absolute disaster.
This is exactly why every cyber security standard there is prescribes regular vulnerability scanning of your network – to identify security problems that fall though the cracks of regular patching. As long as businesses disregard implementing a complete cyber security program which includes regular self-audits or those done by a third party, WannaCry ransomware (and others like it) will be around for years to come.