Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Wednesday, 28 June 2017 13:00

Ransomware runs amok, Microsoft still silent Featured

By

When a disastrous ransomware attack is devastating computers across the globe, based on a five-year-old NSA discovered vulnerability, where’s Microsoft?

You’re the biggest provider of desktop operating systems in the world.

Sure, the year of the Linux desktop never happened, but Unix-derived operating systems dominate smartphones and tablets, and usage of Windows operating systems is badly fragmented.

Indeed, there are still people using Windows XP and Windows 7, despite Microsoft’s best efforts to get everyone to upgrade to Windows 8, 8.1 and then Windows 10, and unless you protect yourself as much as possible, Windows is your best chance of getting malware so debilitating it can put you out of business and wipe all your data permanently.

Of course, all of the security companies in the world have come out to offer advice, even if Microsoft remains silent (thus far for today).

Advice includes applying all patches, not just to operating systems, but to all of your software, programs and apps – even if that list of three describes the same thing.

You also need to apply patches and firmware updates to your hardware – your BIOS, printer, TV, router, security camera and any other connected device.

There’s also a need to take the only step that can truly protect you in the event that malware or ransomware slips through, and that’s to make a 3-2-1 backup (here's a video), here more in text.

This means at least three different copes if your data, on at least two different forms of media, and with at least one copy stored offsite.

A great example for copying data offsite is Acronis, with its True Image 2017 Premium version for Windows PCs providing “Active ransomware protection.” 

However, if you’re a network administrator, then you’ve got even more tools at your disposal.

One tweet advises to apply the “MS17-010 patch AND blocking ADMIN$ via GPO will stop lateral movement on WMI and PSEXEC.”

Hacker Fantastic says that “#Petya encrypts ON BOOT. If you see CHKDSK message your files not yet encrypted, power off immediately. You can recover with with LiveCD. “

Even better is a tweet from an OS researcher who states: “98% sure that the name is is perfc.dll Create a file in c:\windows called perfc with no extension and #petya #Nopetya won't run! SHARE!!”

Of course, besides Microsoft’s silence on the topic today, how about the NSA itself?

Edward Snowden calls the NSA out for hiding the “Eternal Blue” vulnerability for 5 years.

If the NSA, CIA and others play with fire, aren’t they supposed to keep these vulnerabilities “safe”?

Why have Microsoft’s efforts in finding security vulnerabilities in its own software so spectacularly failed over the years?

And where is Microsoft in being proactive in explaining why updates are important, and doing all it legally can to ensure people are either updating their operating systems, or at the very least, patching their systems?

Instead, we saw Microsoft engage in various and effectively underhanded ways to force people to upgrade to Windows 10.

Yes, Microsoft still thankfully offers a free “Windows 10 accessibility upgrade” which lets licensed Windows 7 and 8.1 users still get a totally free update – without needing to prove you have any disability, and with the update identical to the previous free Windows 10 upgrade offer.

If Microsoft was truly serious about getting people to upgrade, the company would produce its own television show – broadcast around the world and on YouTube, that talked about technology, and explained it to end-users.

Or something! Whatever Microsoft is doing clearly isn’t enough, or there wouldn’t be these damned continual outbreaks of malware, viruses and ransomware ruining people’s businesses and lives.

And don’t tell me Windows 10 S is the solution… it might be one day when Microsoft has truly decent apps in the Microsoft Store, but that day sadly is nowhere near here yet!

Presumably technical people and IT admins should know all of this already, but with all the outbreaks of ransomware across the world today, the IT admins of those affected just aren’t doing what needs to be done to keep computers and their users safe.

Back in 2011, I switched to a Mac, and while that’s no guarantee of never getting a virus, and while I do make regular 3-2-1 backups with Time Machine and Acronis True Image 2017 for Mac, and run software such as Norton Internet Security, Malwarebytes for Mac, and other software, my computing life has never been smoother or better.

What you do is up to you, but sometimes you’ve just got to lead by example, as actions always speak louder than words.

Today, on the next major ransomware outbreak of 2017, Microsoft hasn’t made any public actions that I can see, nor have there been any words – or at least, none that I can see on Twitter from Microsoft, or its website, or its Facebook page.

Well, I’m trying to check Microsoft’s Facebook, but I can’t get Facebook to load – let’s just hope they didn’t get affected by ransomware!

So, Microsoft – are you going to make any statement today? Or are the computers of your users melting down, despite clearly their own inaction, something you’ve nothing to say about?

For more on all the #Petya Tweets, click here.

It’s also called #Goldeneye, so those tweets are here, too.

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Alex Zaharov-Reutt

One of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments