Why WannaCry might make Microsoft cry in China
Cybercrime

Why WannaCry might make Microsoft cry in China

Friday 12 March, 2017 will long be remembered by cybersecurity professionals around the world. On this day, the now infamous WannaCry ransomware epidemic began to worm its way around PCs and servers across the planet. It was aptly named, considering the mayhem it caused as organisations were forced to pull the plug. But while news on the campaign has reached saturation point, one strand is worth investigating further.

Chinese organisations are said to have been disproportionately affected by the ransomware blitz. Why? Because of an age-old reliance on pirated and unsupported software which was more exposed to the attacks. While WannaCry may not change those habits in the short term, it could yet accelerate Beijing’s long mooted migration away from Microsoft.

 

Lights out

The WannaCry attacks are said to have used two NSA exploits publicly revealed by a Kremlin-linked hacking group – the Shadow Brokers – to infect and then spread through organisations like wildfire. The main vulnerability that was exploited (MS17-010) was patched by Microsoft back in March. But crucially, only for supported operating systems. That means if you’re running XP, for example, you would not have been protected from the initial onslaught, although Microsoft broke with protocol eventually and did publicly issue a patch for these users. Those running pirated software would also not have been able to take advantage of security updates.

All of which brings us to China. We all know the country is overwhelmingly Microsoft dependent. As of April, Windows had just under 93% of the desktop OS market. But according to the most recent stats from the Business Software Alliance, the rate of unlicensed software in the country stood at a staggering 70% in 2015, at a cost of $8.7 billion. Ouch. How about unsupported software? Some stats claim XP still has an 11% share of the market. But the figure could be as high as 19%, according to Baidu data sourced by Computerworld. That’s double the share of Windows 10 and more than double the global average of 7%.

Yet surely these trends apply only to consumers, you might think. Not so, according to reports of WannaCry infections at major Chinese multinationals (China Telecom, PetroChina) and prestigious universities (Tsinghua Uni). The threat also spread to other industries including banking, electricity, energy, healthcare and transportation, according to CNCERT.

While infection with WannaCry isn’t cast iron proof that an organisation was running an outdated or unsupported software version – after all, they may simply have been slow to patch – it would explain the severity of the outbreak in the Middle Kingdom. Reports from the state TV broadcaster claimed over 40,000 organisations were hit, with one in five petrol pumps taken offline, according to the China National Petroleum Corporation.

Chinese IP addresses were the source of about 8% of global WannaCry-related traffic detected by Finnish cybersecurity firm F-Secure over the weekend, the firm told me. However, the firm claims to have limited visibility into China, so the real number could be much higher.

 

Microsoft in trouble?

This is exactly what Microsoft didn’t need in China – another reason for the government to seek home-grown alternatives to its products.

“The WannaCry situation will almost certainly validate China's concerns,” F-Secure security advisor, Sean Sullivan explained to me.

The truth is that, unlike the flashy smartphones toted by a rapidly growing affluent middle class, computer software has never been seen as a sexy status symbol in China. That feeds in to a culture where many consumers are reluctant to pay for it. Yet even in organisations that should know better, anecdotal evidence suggests pirated and unsupported software – mainly Microsoft – abounds. Is this going to change anytime soon? Not likely – and that could spell bad news for Redmond.

Microsoft has had a shaky relationship with the Chinese government for many years. Beijing was not amused when Redmond signalled its intent to end support for XP, trying to get the computing giant to change its mind. Microsoft refused but did offer free upgrades. However, this seems not to have placated Beijing, which has a long-term goal of national self-reliance in IT. In fact, the government even announced a bizarre ban on Windows 8 a few years back, despite continuing to buy Win7 licences. Then there’s the antitrust investigation launched in early 2016.

Microsoft has bent over further by recently producing a specialised version of Windows 10 for government use there. But it’s still unlikely to change the long-term future. Edward Snowden-leaked revelations over NSA interference in US-made products was a PR dream come true for Beijing and it still uses security concerns to justify weaning itself off foreign products. In the front seat to take that role could eventually be Linux-based “XP rip-off” NeoKylin. It’s likely that WannaCry will only harden China’s resolve to move away from Microsoft, even if its own preoccupation with outdated and pirated software may ultimately have been to blame.

 

Also read:
People and processes responsible for WannaCry outbreak

PREVIOUS ARTICLE

«Could blockchain solve the threat of ransomware?

NEXT ARTICLE

Five tips to keep your business safe from the next global cyber worm»
author_image
Phil Muncaster

Phil Muncaster has been writing about technology since joining IT Week as a reporter in 2005. After leaving his post as news editor of online site V3 in 2012, Phil spent over two years covering the Asian tech scene from his base in Hong Kong. Now back in London, he always has one eye on what's happening out East.

  • twt

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Will Kotlin overtake Java as the most popular Android programming language in 2018?