Why DCs Should Care About The WannaCry Ransomware Attack – And Three Things To Do Now To Protect You

The recent worldwide ransomware attack that affected computers running Windows operating systems points to a looming security risk facing many Distribution Centers. A vast proportion of the affected computers in the WannaCry attack were running an unsupported operating system, Windows XP. Those computers were not eligible to receive regular security updates, which left them particularly vulnerable to the virus. A similar situation will face DCs after 2020, when Microsoft ends support for the Windows mobile operating system that runs the vast majority of mobile computers used for RF and voice applications today.

Three Things To Do To Protect Yourself

1. Understand the Issue. As reported in Wired Magazine, the best protection against the WannaCry ransomware was to download and install a security patch provided by Microsoft. For most users, that patch is applied as an automatic update. However, for computer users with WindowsXP, there was no patch because Microsoft had ended support for that OS in 2014. As the article states: “With very few exceptions—including an emergency patch after the first wave of WannaCry infections and expensive, specialized service contracts—Microsoft no longer provides any security support for the OS. A computer running XP today is a castle with no moat, portcullis raised, doors flung open, greeting the ravaging hoards with wine spritzers and jam.”

The exact same situation will face DCs using devices running Windows Embedded Handheld 6.5 in 2020, the sunset date by which Microsoft will stop providing updates. The Windows Embedded problem in the DC is even more pervasive than the Windows XP issue: Less than 10 percent of PCs in use today use XP; by contrast well more than 70% of all RF, vehicle mount and voice devices used in DCs today are running the Windows operating systems that are sunsetting in less than three years.

To be fair, many of the mobile devices used for RF or other applications in the DC do not have direct access to the Internet, making them less susceptible to attack. Nevertheless, the risk to these devices is real, and avoidable, Plus, there are risks beyond security to using devices with obsolete operating systems.

2. Know Which Devices Are At Risk. Since the late 1990s, the majority of industrial RF devices have used successive generations of Microsoft mobile operating systems, which allowed DCs to upgrade devices without changing their software applications. This Windows mobile platform was remarkably stable and reliable, by any standard. The last of this OS generation is still being sold on a wide range of warehouse hardware, including popular vehicle mount computers, traditional handheld and wearable devices, and even voice-only terminals.

Your IT organization should be aware of the following end of support dates for the OS versions that are still being shipped today (and note that older operating systems may be out of support already):

You can find the end of support dates for the devices in your DC from Microsoft.

3. Develop A Migration Plan. If you are using any devices with an outdated and unsupported OS, you should immediately upgrade the OS (if possible) or replace the device (if the OS cannot be upgraded) with a device running a supported Windows operating system. Longer-term, you will have to plan to move to a new mobile operating system platform, whether that is Windows 10 (or another new Mircosoft platform), Android, or Apple iOS. It should be noted that Zebra and Honeywell, the leading hardware providers for the DC, have each announced support for Android in many of their newest hardware devices. What many operations people don't realize is that changing to a new OS has major implications for your warehouse software systems.

The vast majority of warehouse applications were designed to run only on current Windows mobile devices, so ask your vendor if your current voice, RF or other applications can run on other operating systems. Windows-only applications will have to be rewritten to run on a new OS. For most DCs, this would include older Web browser-based applications, Telnet/terminal emulation software, other RF applications, and voice-directed applications. Many voice applications, in fact, use speech recognition technology that is tied to the current Windows operating system, making a “port” to a new OS platform an even greater challenge.

Beyond your current applications, if you are considering any new applications for use in your DC, you should ask your software provider if they support Android or other viable, long-term operating systems. And anyone buying new Windows-based hardware devices should realize that those devices will be obsolete before they are fully depreciated.

The Sky Isn't Falling

If you are using devices today that will be affected by the Windows sunset, you still have time to act. Those devices and applications will continue to run reliably and securely. However, failing to consider your alternatives may leave you in a vulnerable position in as little as three years. Given the ever-changing nature of cyber-threats, its more important than ever that these issues be addressed pro-actively.

SC
MR