Re: How Long?
> "Think how Maersk dealt with NotPetya, by replacing all servers and desktops/laptops."
About 5 years ago, one of our support guys was called out to look at a failed PC, which was used to control a microscope used for medical research. It was a 386, and couldn't be replaced due to the requirements of the hardware it was connected to - basically, the manufacturer only supported the hardware/software that was supplied, and to upgrade meant buying a new microscope (which couldn't be done due to lack of budget - it was a significant sum).
Replacing all the PCs/servers with new ones is something that likely can be done for the "frontline administrative" stuff, but possibly not the specialised stuff used for controlling things.