wannacry ransomwareWhile the fallout from the WannaCry ransomware attack will reach into the billions of dollars, the one positive outcome should be a wave of upgrades for millions of older Windows PCs that unfortunately are still widely deployed. The malware employed to perpetrate the WannaCry attack largely targeted older Windows XP and some Windows 8 systems. Despite previous pledges to the contrary, over the past weekend Microsoft made available a patch for Windows XP and Windows 8 systems designed to eliminate the vulnerability being exploited by WannaCry. But the existence of additional variants of WannyCry should serve as a warning that similar attacks against older versions of Windows are in the offing.

Naturally, there’s plenty of blame to go around. Microsoft is blaming the National Security Agency for developing the tools used to create WannaCry, which apparently were disclosed by Wikileaks last March. Microsoft is being blamed for not providing patches for Windows XP earlier even though it knew millions of vulnerable Windows XP systems are still deployed. New clues are pointing to North Korea as the source of malware. Most importantly from a managed service provider perspective, organizations that did not upgrade their Windows systems are taking a lot of heat.

Ransomware wake-up call

Of course, every IT professional knows why there was a soft IT underbelly for cybercriminals to exploit in the first place. Many of the affected organizations were playing a game of risk arbitrage. Someone in the organization concluded that continuing to run some legacy application that could not run on a newer version of Windows was a better financial option than rewriting or replacing that application altogether. Given the relatively small amount of ransom that is being demanded, the business and IT leaders that made the decision may still technically be right. But the hit to the reputation of the organizations that fell victim to WannaCry far exceeds any monetary value.

Because of that issue, MSPs should expect to see a wave of two types of calls for help. The first will focus on how to implement better backup and recovery processes. The second will be about how to upgrade to a Windows environment running modern applications as quickly as possible.

Why MSPs should proceed with caution

They say it’s an ill wind that doesn’t blow some good. While many of these customers may not have been impacted directly by the WannaCry attack, they most certainly are now being scared straight. The issue MSPs should be aware of, however, is that many of these customers have already shown a predisposition to be technology laggards. Every MSP knows that over the long haul it’s much more expensive to support an organization that continues to hold on to legacy applications and equipment, so when it comes time to quote a price for their services MSPs should keep that thought in mind.

In the meantime, MSPs should make as much of their expertise available as reasonably possible. Most customers won’t forget someone who did them a good turn in a time of need. There are those, however, that will forget. The truth of the matter is that those customers typically have little to no regard for the role IT plays in their business. The good news is there’s almost as much business value in being able to more easily identify the organizations to avoid as there is helping an organization that has finally come to its senses. The hope is that one day soon there will be a lot more of the latter than the former.

Photo: Michael Lewkowitz via Flicker.com. Used under CC 2.0 License

Mike Vizard

Posted by Mike Vizard

Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike blogs about emerging cloud technology for Intronis.

Leave a reply

Your email address will not be published. Required fields are marked *