Slashdot Mirror


Honda Shuts Down Factory After Finding NSA-derived Wcry In Its Networks (arstechnica.com)

A Honda factory near Tokyo was shuttered for over 24 hours this week after its computers became infected with WannaCry, the same ransomware virus responsible for crippling systems in dozens of countries last month, the car manufacturer said Wednesday. From a report: The automaker shut down its Sayama plant northwest of Tokyo on Monday after finding that WCry had affected networks across Japan, North America, Europe, China, and other regions, Reuters reported Wednesday. Discovery of the infection came on Sunday, more than five weeks after the onset of the NSA-derived ransomware worm, which struck an estimated 727,000 computers in 90 countries. [...] Honda officials didn't explain why engineers found WCry in their networks 37 days after the kill switch was activated. One possibility is that engineers had mistakenly blocked access to the kill-switch domain. That would have caused the WCry exploit to proceed as normal, as it did in the 12 or so hours before the domain was registered. Another possibility is that the WCry traces in Honda's networks were old and dormant, and the shutdown of the Sayama plant was only a precautionary measure. In any event, the discovery strongly suggests that as of Monday, computers inside the Honda network had yet to install a highly critical patch that Microsoft released in March.

63 comments

  1. I'm so confused by s.petry · · Score: 3, Insightful

    Last week we heard how the DPRK was responsible for Wannacry. Today it's back to the NSA. Can we at least keep our talking points consistent?

    PS. Sucks for Toyota no matter who did it, and sucks even more if US "intelligence" is at fault for creating these tools and letting them out of a lab. (Intelligence is intentionally quoted because many who work in that area are quite frankly not.)

    --

    -The wise argue that there are few absolutes, the fool argues that there are no probabilities.

    1. Re:I'm so confused by gnick · · Score: 4, Insightful

      Last week we heard how the DPRK was responsible for Wannacry. Today it's back to the NSA. Can we at least keep our talking points consistent?

      The NSA was responsible for leaking the exploit that was used for WannaCry. DPRK may have been the ones to weaponize it. I don't understand the confusion.

      --
      He's getting rather old, but he's a good mouse.
    2. Re:I'm so confused by Anonymous Coward · · Score: 5, Funny

      PS. Sucks for Toyota

      Boy, you ARE confused. ;)

    3. Re:I'm so confused by Anonymous Coward · · Score: 0

      Sucks for Toyota no matter who did it, ...

      No, I think Toyota is perfectly fine with Honda shutting down even temporarily.

    4. Re:I'm so confused by Anonymous Coward · · Score: 0

      >PS. Sucks for Toyota no matter who did it

      Not sure why, considering the article was about Honda. But who are we kidding, all Japanese car companies look alike.

    5. Re: I'm so confused by jeffasselin · · Score: 4, Informative

      Correction: Microsoft made coding errors leading to an exploit. The NSA found the exploit. They left their exploit tool and code on a server that was hacked by someone else (Russians?). The Shadow Brokers (Russians?) leaked those. Then the North Koreans used it in WannaCry.

      So you can blame Microsoft, the NSA, Russian Intelligence AND the North Koreans. It's an equal opportunity blame game!

      --
      If he explores all forms and substances Straight homeward to their symbol-essences; He shall not die.
    6. Re:I'm so confused by Anonymous Coward · · Score: 0

      All Asian cars look like, so....

    7. Re:I'm so confused by Anonymous Coward · · Score: 0

      the irony... talking points, keeping it straight. HONDA NOT TOYOTA you fucking idiot.

    8. Re: I'm so confused by buffetw · · Score: 1

      Chances are an NSA government contractor found it.

    9. Re: I'm so confused by hairyfeet · · Score: 2

      If we follow your logic we get to blame Linus Torvalds for everything from kernel panics to Heartbleed, it IS his OS after all.

      Of course for those of us living in reality and not la la land we all know that OSes are some of the most complex pieces of software ever written, millions upon millions of lines of code that not only have to manage hardware as diverse as a maker board to huge server clusters but also provide the foundation upon which hundreds of thousands of pieces of software are built.

      Anybody who thinks something as complex as a full featured (as opposed to some stripped down embedded OS) Operating System can be made 100% bug free? Is a fucking idiot that knows jack shit about how OSes actually work or a bleating fanboy desperately trying to wave his little flag for the OS of his choice by attacking the perceived competition, probably because he has serious self esteem issues....so which are you?

      --
      ACs don't waste your time replying, your posts are never seen by me.
    10. Re:I'm so confused by Anonymous Coward · · Score: 0

      Sucks for Toyota. .....

      You are confused. It wasn't Toyota.

    11. Re:I'm so confused by Anonymous Coward · · Score: 0

      Someone pretending to be dumb in order to make an obtuse, intellectually-dishonest point about how the gov't lies to you. Gee, why does this sound so familiar this year of all years???

    12. Re:I'm so confused by rahvin112 · · Score: 1

      The NSA didn't leak it, they created the code, WikiLeaks and an anonymous leaker leaked it. The code was then incorporated into the Wcry ransomware.

    13. Re:I'm so confused by BronsCon · · Score: 1

      Pretty sure it sucks for Honda; Toyota might sell more cars due to Honda's reduced production.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    14. Re: I'm so confused by Anonymous Coward · · Score: 0

      Linux Torvalds didn't write any version of Windows.

    15. Re: I'm so confused by BronsCon · · Score: 1

      ... which is how we know about it now, so we should thank that contractor. Had they not found it, someone else may have; and that entity may have protected that knowledge better.

      Never blame the person who found the flaw; blame only those who create and exploit such flaws. Those who create open the door for those who exploit, while those who find open the door for those who fix.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    16. Re:I'm so confused by Anonymous Coward · · Score: 0

      The NSA didn't leak it...

      It depends on how you define "leak". Somebody leaked it intentionally. I'd say the NSA leaked it unintentionally. If it was never leaked by the NSA, it would still be confined there.

    17. Re: I'm so confused by erapert · · Score: 1

      How do we know the NSA didn't pay M$ or apply pressure to insert that coding error in the first place? They've done similar things in the past.

    18. Re: I'm so confused by turbidostato · · Score: 1

      "Correction: Microsoft made coding errors leading to an exploit"

      Exactly that.

      It is not "networks" that are affected. It is not "computers" that are affected.

      It is operating systems. And not any operating system: Microsoft operating systems.

    19. Re: I'm so confused by jimtheowl · · Score: 1

      "get to blame Linus Torvalds for everything from kernel panics to Heartbleed"

      Heartbleed was due to mistakes introduced into the OpenSSL cryptographic software library and has little to do with the OS, Linux or Linus Torvalds. You credit him with way too much.

    20. Re: I'm so confused by Skuld-Chan · · Score: 1

      Software bugs are inevitable - especially in OS's that are 30+ years old. You can do all manner of testing, something will be left unturned.

      I think the big crime here is the NSA for instead of responsibly disclosing the problem to the developer (Microsoft) they decided to keep it as a future weapon.

    21. Re: I'm so confused by Anonymous Coward · · Score: 0

      And both Linux and macOS, despite their comparatively pitiful marketshare in the desktop computer market, have also been susceptible to coding errors that lead to vulnerabilities. For example Linux is just the kernel, but Linux-based operating systems predominantly use OpenSSL, Microsoft and Apple's SSL libraries were secure but the one used by Linux operating systems was not.

      Sticking your head in the sand and saying "it's only microsoft" is just ignorant and stupid, just the other day another buffer overflow vulnerability was found in Linux that led to privilege escalation exploits and this came about because of the bumbling attempt to fix it the first time it was identified.

      No operating system is secure and thankfully vulnerabilities can be found and disclosed to the vendor whether it is open source or closed source.

    22. Re: I'm so confused by turbidostato · · Score: 1

      "And both Linux and macOS"

      So wannacry attacks Linux and macOS now? No? So I thought.

    23. Re: I'm so confused by Anonymous Coward · · Score: 0

      And the NSA definitely didn't promise to hit anybody with a wrench until they intentionally added this crappy code to their codebase. Nope. They are totally 100% trustworthy. You know this because they ALWAYS obey the law and never break it. Go read about it yourself in their non-top-secret court documents.

    24. Re: I'm so confused by thegarbz · · Score: 1

      It's an equal opportunity blame game!

      It's only an equal opportunity blame game when there is a perfect method of removing all human sources of error and every problem was systematic. Microsoft gets to share equal blame with malicious actors when you can show me evidence that an OS can be coded 100% without bugs. Until then the malicious actors deserve the majority of the blame, especially the one who enabled the exploit by keeping it secret, weaponising it and then failing to protect the weapon.

    25. Re: I'm so confused by Anonymous Coward · · Score: 0

      You people can't run away with your fingers in your ears. Linus continues to authorize merging of code on a daily basis. It's his responsibility. Every single Linux kernel release continues to have security vulnerabilities...

  2. They should sue the NSA by gweihir · · Score: 4, Insightful

    But as usual, criminal activity (and we have at the very least "criminally negligent" on the NSA's part here) by state actors has zero negative consequences for them. One of the corner-stones of a corrupt government that has forgotten that it serves the people.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:They should sue the NSA by phantomfive · · Score: 1

      and we have at the very least "criminally negligent" on the NSA's part here

      That's an interesting legal theory. What law did they break? (Or even, what law did they break that "normal" people would be exposed to, since of course the NSA gets special treatment).

      --
      "First they came for the slanderers and i said nothing."
    2. Re: They should sue the NSA by Anonymous Coward · · Score: 0

      All thinking people want to die now. We have no hope.

    3. Re:They should sue the NSA by Anonymous Coward · · Score: 0

      Who exactly do you suppose should be held responsible and how exactly?

      And "the government" is not an acceptable answer.

    4. Re:They should sue the NSA by Anonymous Coward · · Score: 0

      Providing material (usable exploit) support to terror. Providing help in funding terror. Providing material support of a crime.

    5. Re:They should sue the NSA by Anonymous Coward · · Score: 0

      What law did they break?

      It's called Criminal Negligence, which is why GP used the words "criminally negligent". It's when you fail to perform the expected diligence when a person could reasonably expect that failing to perform said diligence could result in something that would be a crime if it were done intentionally, and then it actually happens. In this case, leaving information about the exploits in question improperly secured could result in criminals affecting people with ransomware. Of course, to make it stick you'd have to demonstrate that the information actually was improperly secured in the first place (and the leak wasn't despite best efforts).

      You could also try to charge them with Criminal Recklessness, for deliberately failing in their mandate to defend the country's information systems by refraining from providing the information to Microsoft at the earliest opportunity in order to make the offensive aspect of their job easier, which had the predictable result.

    6. Re:They should sue the NSA by BronsCon · · Score: 1

      Okay, but what is the crime as defined by law? Those may be the acts which comprise the crime that was committed, but what would the actual charge be?

      If anything fits, it's treason; good luck getting that to stick, though.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    7. Re:They should sue the NSA by R3d+M3rcury · · Score: 1

      I'm sure they'd find something in the Computer Fraud and Abuse Act.

    8. Re:They should sue the NSA by sconeu · · Score: 1

      Not treason. It's explicitly defined in the Constitution. https://www.usconstitution.net/xconst_A3Sec3.html

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    9. Re:They should sue the NSA by gweihir · · Score: 1

      Creating weaponized code and then let that be stolen from them? I am sure a creative prosecutor could find a few centuries of prison time in there.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    10. Re:They should sue the NSA by gweihir · · Score: 1

      For damage done: The organization itself. It has a budget.

      For the criminal charges: Whoever was responsible for the theft being possible. Ultimately that will be the NSA heads in office when the relevant mistakes were made and subsequently not discovered or corrected. That responsibility can move to people lower in the chain-of-command, for example if they ignored orders, falsified reports, etc.

      See, not so difficult.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    11. Re:They should sue the NSA by TheGratefulNet · · Score: 1

      What law did they break?

      interstate commerce.

      there is surely some way that GREAT set of laws could be applied, here.

      oblig: fuck the NSA. traitors to the american public. creating software bombs, knowing full well that 'the other bad guys' will soon have those same software bombs. the NSA has enough smart people that they should have KNOWN BETTER. they still act against the people they claim they are here to protect.

      abolish the cia, nsa and all other spy agencies. they don't help us, and in fact, actually cost us money and perhaps more ;(

      --
      "It is now safe to switch off your computer."
    12. Re:They should sue the NSA by BronsCon · · Score: 1

      This argument is made time and time again and, well, some would say the NSA gave aid (in attacking us) and comfort (in knowing which vulnerabilities we can attack and how to defend against them) to enemies of this country by not disclosing vulnerabilities to vendors to have them fixed and by allowing them to be leaked to the greater public, which includes enemies of this country.

      It's funny, you say Treason is explicitly defined in The Constitution, but it fails to define "aid" and "comfort". All it takes is for someone to successfully argue the above and Treason suddenly becomes a much broader offense. Providing means of attack and means of defense from attack sure seems like something that could be twisted into "aid" and "comfort" by more than a handful of the more lawyerly types, does it not?

      In short, it's not something I'd want to take a gamble on, even if I think it's unlikely the argument would be made successfully (see above, where I said "good luck getting that to stick").

      Put another way, I never said I thought it was Treason, I merely implied that someone might; and now I've gone so far as to explain how.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    13. Re:They should sue the NSA by thegarbz · · Score: 1

      One could argue they breached export controls by failing to protect their technology from foreign malicious actors.

    14. Re: They should sue the NSA by Anonymous Coward · · Score: 0

      The buck stops with trump.

    15. Re:They should sue the NSA by sconeu · · Score: 1

      Which is exactly WHY they defined it (OK, loosely), in the Constitution. They didn't want the .gov to just be able to round up political enemies and charge them with treason. Broadening the definition is exactly the OPPOSITE of what the Founding Fathers would want.

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    16. Re:They should sue the NSA by BronsCon · · Score: 1

      Yet, and I repeat myself because I apparently have to on this site anymore, they didn't define "aid" or "comfort", which leaves the wiggle room I'm pointing out.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
  3. Honda Racing Engines by Anonymous Coward · · Score: 0

    Hope this doesn't hinder Honda's initiative to improve their Formula 1 engines for McLaren. They've already ruined Alonso's career to date; the poor man's car broke in every major race this year including the Indy 500!

  4. WTF?? by Anonymous Coward · · Score: 0

    Discovery of the infection came on Sunday, more than five weeks after the onset of the NSA-derived ransomware worm

    Seriously, WTF were they playing at not applying the security fixes that were released within days of WannaCry.
    OK, so with MS's history it pays to be careful and test each fix before widely deploying it, but 5 fucking weeks ??

    1. Re:WTF?? by RabidReindeer · · Score: 1

      Discovery of the infection came on Sunday, more than five weeks after the onset of the NSA-derived ransomware worm

      Seriously, WTF were they playing at not applying the security fixes that were released within days of WannaCry.
      OK, so with MS's history it pays to be careful and test each fix before widely deploying it, but 5 fucking weeks ??

      "Lost" computers that don't get maintenance, misplaced priorities, lots of reasons.

      That's why to this day I still register several of the original SQL server attacks on my domain, even though I don't run SQL server. Someone out there is hoping to get lucky. Sometimes they do.

  5. I guess it's not just me. by s.petry · · Score: 4, Insightful

    Microsoft code was the entry point, but if the NSA was actually performing its function and protecting the citizens of the US they would have notified Microsoft of the problem and perhaps even helped with a fix. The chain would have ended then and there.

    Not notifying the vendor of the most widely used OS in the USA, the NSA acted against the interests of US Citizens.

    Further, claiming that the Shadow Brokers are Russian fails basic scrutiny. If there was such a group working for the FSB they would have absolutely zero interest in releasing the exploit to the wild for anyone else to access.

    --

    -The wise argue that there are few absolutes, the fool argues that there are no probabilities.

  6. Protection vs. WannaCry 2 ways... apk by Anonymous Coward · · Score: 1

    From MS - SMB Ports 445/139 (TCP) & 137/138 (UDP) protection via:

    Disable SMBv1 on the SERVER, configure the following registry key:

    Registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
    Registry entry: SMB1

    REG_DWORD: 0 = Disabled
    REG_DWORD: 1 = Enabled

    Default: 1 = Enabled

    Enable SMBv2 on the SERVER, configure the following registry key:

    Registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
    Registry entry: SMB2

    REG_DWORD: 0 = Disabled
    REG_DWORD: 1 = Enabled

    Default: 1 = Enabled

    ---

    Disable SMBv1 on the CLIENT, run the following commands:

    sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi

    sc.exe config mrxsmb10 start= disabled

    Enable SMBv2 & SMBv3 on the CLIENT, run the following commands:

    sc.exe config lanmanworkstation depend= bowser/mrxsmb10/mrxsmb20/nsi

    sc.exe config mrxsmb20 start= auto

    ---

    * The above is per https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012/

    APK

    P.S.=> For a SINGLE 'standalone' non-networked PC (no home network/LAN but TCP/IP connected online) turn off Server & Workstation services.

    That shuts off any "handles" (port 445) this thing propagates thru + turn off NetBIOS over TCP/IP in your internet connection & uncheck/disable Client for Microsoft Networks + File and Print Sharing. Port 139 & 445 always pop up issues over time. It also makes your packet trains smaller (no encapsulation of LanMan)

    I covered all this 11++ yrs. ago in a security guide I wrote for users with a single system & apparently, its advice STILL STANDS THE "TEST OF TIME" https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&btnG=Google+Search&gbv=1/ vs. even today's threats like this one.

    * This effectively makes this threat a non-issue + saves you CPU cycles/RAM & other I/O wasted on services you don't NEED as a single PC user only... & you don't. They're just wastes with a single PC really. Many services are (covered in guide above based on CIS Tool guidance (who took fixes to their ware from "yours truly" too, no less)) & again, no more encapsulated packet bulk.

    AND?

    Don't be STUPID & click on attachments in bogus malicious emails this thing propagates thru also (Chrome/Opera/Webkit users - BEWARE of the ShellControlFile issue that just popped up (.scf file) noted here-> http://www.theregister.co.uk/2017/05/17/chrome_on_windows_has_credential_theft_bug/ ) ... apk
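
A read-only check of the settings named in the post above, as an added example that is not part of the original post or of Microsoft's article: it reads the LanmanServer SMB1 value and the mrxsmb10 and LanmanWorkstation service keys, and flags a Workstation dependency left pointing at a disabled SMBv1 driver. The function names are hypothetical, and it assumes the registry-based configuration of the Windows versions the post covers.

```powershell
# Added example: read-only audit of the SMBv1 settings named in the post above.
# Nothing is modified. Function names are hypothetical.

$SvcRoot = 'HKLM:\SYSTEM\CurrentControlSet\Services'

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

function Get-Smb1Audit {
    $findings = @()

    # Server side: LanmanServer\Parameters\SMB1. The post gives the default as
    # 1 = Enabled, so a missing value is reported as enabled here.
    $serverSmb1 = Get-RegValue "$SvcRoot\LanmanServer\Parameters" 'SMB1'
    $serverEnabled = ($null -eq $serverSmb1) -or ($serverSmb1 -ne 0)
    if ($serverEnabled) { $findings += 'Server: SMB1 is not set to 0' }

    # Client side: the mrxsmb10 driver. Start = 4 means disabled; a missing
    # key means the driver is not installed on this machine.
    $clientStart = Get-RegValue "$SvcRoot\mrxsmb10" 'Start'
    $clientEnabled = ($null -ne $clientStart) -and ($clientStart -ne 4)
    if ($clientEnabled) {
        $findings += "Client: mrxsmb10 Start = $clientStart (not disabled)"
    }

    # Dependency check: if LanmanWorkstation still lists mrxsmb10 while the
    # driver is disabled or absent, the Workstation service will fail to start.
    $deps = @(Get-RegValue "$SvcRoot\LanmanWorkstation" 'DependOnService')
    $dependsOnSmb1 = $deps -contains 'mrxsmb10'   # -contains is case-insensitive
    if ($dependsOnSmb1 -and -not $clientEnabled) {
        $findings += 'Client: LanmanWorkstation depends on mrxsmb10, which is disabled or absent'
    }

    [pscustomobject]@{
        ComputerName          = $env:COMPUTERNAME
        ServerSmb1Value       = $serverSmb1
        ServerSmb1Enabled     = $serverEnabled
        ClientSmb1DriverStart = $clientStart
        ClientSmb1Enabled     = $clientEnabled
        WorkstationDependsOn  = $deps -join '/'
        Findings              = $findings
    }
}

Get-Smb1Audit | Format-List
```

An empty Findings list means SMBv1 is off on both the server and client side and the Workstation dependency list is consistent with that.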

    1. Re:Protection vs. WannaCry 2 ways... apk by Anonymous Coward · · Score: 0

      I can't believe I'm saying this but... someone mod this motherfucker up.

    2. Re:Protection vs. WannaCry 2 ways... apk by ELCouz · · Score: 1

      Done.....oh wait?!!

    3. Re:Protection vs. WannaCry 2 ways... apk by turbidostato · · Score: 1

      And then, somehow, `ls -l` is too complex for systems "in the real world".

    4. Re:Protection vs. WannaCry 2 ways... apk by BlueStrat · · Score: 1

      APK buddy, I gotta give you props as a longtime Slashdotter. Straight up, sometimes you get off the rails a bit when you're in 'the zone', and sometimes tend a bit too heavily towards "wall-o-text" for a forum post on /., but your posts on this and the hosts file posts, and more, have never been in error and/or bad advice.

      I'm sure you get a lot of shit, so I just wanted to let you know we aren't all "nattering nabobs of negativity" here. :)

      Strat

      --
      Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
    5. Re:Protection vs. WannaCry 2 ways... apk by thegarbz · · Score: 1

      Or just run Windows Update I don't know why you insist on complicating things.

  7. A patch called Linux by Anonymous Coward · · Score: 0

    I'm surprised they don't use it.

    1. Re:A patch called Linux by Anonymous Coward · · Score: 0

      Japan has two Open Source OS built with .jp lang as the default language.

      FuguIta = based on OpenBSD
      Vine = based on Fedora (and RHEL)

  8. Japanese Corps Have The Worst IT Admins by Anonymous Coward · · Score: 0

    From experience I can tell you there are some problems in Japanese companies with IT security or Administration. I'm not sure if it's a language barrier thing (being isolated) or a cultural thing where IT Admins are too scared of their managers to report issues or ask for funds to improve things.. but there is a tendency in these companies to really drag their heels. They also seem to have poor decision making procedures.. sometimes things drag out years. I have one Japanese corporation still using LTO tape backup system from 10 years ago. They also often take security too far and reduce the functionality to where it impedes the day to day function of users, and the users are often too scared to say anything to their managers. Anyone else notice these things?

    1. Re:Japanese Corps Have The Worst IT Admins by Anonymous Coward · · Score: 0

      users are often too scared to say anything to their managers.

      This is normal for Japanese culture where seniors and older people are always correct, but this was changed during one of the JAL air crashes, where a psychologist suggested that JAL train their junior pilots to speak up once they noticed something was missed or some incorrect actions were made by their senior pilots during a flight. Saw this on a YouTube air crash investigation.

  9. This worked LONG prior to MS' patch = why by Anonymous Coward · · Score: 0

    This worked LONG prior to MS' patching it (if they have on ALL of their OS' - probably have by NOW @ least, lol) = why...

    APK

    P.S.=> And, "there ya go"... apk

  10. Thank-You BlueStrat... apk by Anonymous Coward · · Score: 0

    See subject: I do get a lot of shit, e.g. https://ask.slashdot.org/comments.pl?sid=10771127&cid=54665323/ & that's a MILD case (along w/ "downmod bombings" of my posts & then our 'gracious host' filter tracks my posts blocking the homepage URL for my hosts program's another (he hates hosts as it blocks ads, this much is obvious)).

    * I'm only trying to help out by spreading "the good word" on a fix in THIS case (2 ways that worked long before MS issued patches).

    (APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ is doing the same, albeit programmatically...)

    APK

    P.S.=> Takes all kinds to make a world I suppose, but if you're going to 'criticize' me (like that crap in the link above), @ least do it on a valid constructive basis - & again, thank you for your comment BlueStrat - it's truly the thought that counts... apk

  11. Honda Shuts Down Factory After Finding NSA-derived by Anonymous Coward · · Score: 0

    > Honda officials didn't explain why engineers found WCry in their networks 37 days after the kill switch was activated. One possibility is that engineers had mistakenly blocked access to the kill-switch domain

    Probably not.

    Only the early variants had a "kill switch". Later variants had the "kill switch" binary-edited out. After 37 days, we're probably dealing with a later variant...