
Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.


Ransomware: Windows is the elephant in the room

Ransomware has slowly become the most common and most difficult threat posed to companies and individuals alike over the last year.

And there is one common thread to practically all ransomware attacks: Windows.

Microsoft acolytes, supporters and astro-turfers can scream till they are blue in the face, but it is very rare to see ransomware that attacks any other platform.

Of course, these Redmond backers are careful to say that ransomware attacks "computer users", not Windows users.

But statistics tell the truth. In 2015, the average number of infections hitting Windows users was between 23,000 and 35,000, according to Symantec.

In March, this number ballooned to 56,000 with the arrival of the Locky ransomware. And in the first quarter of 2016, US$209 million was paid by Windows users in order to make their locked files accessible again.

Why, ransomware is so much a Windows thing that Microsoft even used it as a marketing tool to try and push people to Windows 10, pointing out that Windows 7 users were more prone to getting hit by this form of malware than Windows 10 users!

Ransomware for other platforms was non-existent to the extent that when the first such malware for the Mac was noticed, there was a song and dance over it.

The Mac variant was said to be a variant of an earlier attempt to code up something for Linux. But, even three iterations down the track, the Linux effort was not working as intended. At times, the uneducated indulge in click-bait about ransomware that runs on Linux. Alas, they are unmasked pretty soon.

Despite the fact that Windows is the major attack interface, it is impossible to hear anyone in the IT industry recommend getting rid of Windows as a means to keep out ransomware. One can ask till one is blue in the face, but so-called tech experts will do everything but say the obvious.

You would think that if eating a certain type of food caused humans to vomit, the best way to avoid spilling one's innards on the footpath would be to avoid that food. Nope, tech experts will tell you to continue eating that same food and then take an anti-emetic.

There is one reason for this: Windows has spawned a multi-billion-dollar anti-virus industry that does not want to eat its own breakfast. The more Windows threats come along, the better the bottom line for these industries. Why would one try to kill off the goose that lays the golden eggs?

But there are some rare, honest people in the industry who will occasionally spill the beans, rather obliquely. Thirteen years ago, I wrote a 5000-word piece on the Windows update process, after canvassing the opinions of numerous sysadmins.

Among them was Paul Ducklin, at that time an employee of Sophos, and a man who tended to avoid BS. His contribution still stays in my memory.

Wrote Ducklin: "As you know, I'm mostly neutral about Windows and Unix (though I did seriously consider getting the NSW number plate 'BSD', only to find it had been taken by the time I'd decided that paying nearly $400 per year for something without any intrinsic value was only a medium-sized slap in the face to the needy).

"This means I don't have any compelling comments about comparing Windows admin to Unix administration. So why the email?

"Well, I simply want to refer you to a pithy quote from the Second Edition of the seminal work Firewalls and Internet Security by Cheswick, Bellovin and Rubin. See page 255, about half-way down. 'We do not know how to secure [Windows hosts], or even if it is possible'. How I smiled."




Sam Varghese


A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.