Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Friday, 02 December 2016 12:04

Ransomware: Windows is the elephant in the room Featured

By

Ransomware has slowly become the most common and most difficult threat posed to companies and individuals alike over the last year.

And there is one common thread to practically all ransomware attacks: Windows.

Microsoft acolytes, supporters and astro-turfers can scream till they are blue in the face, but it is very rare to see ransomware that attacks any other platform.

Of course, these Redmond backers are careful to say that ransomware attacks "computer users", not Windows users.

But statistics tell the truth. In 2015, the average number of infections hitting Windows users was between 23,000 and 35,000, according to Symantec.

In March, this number ballooned to 56,000 with the arrival of the Locky ransomware. And in the first quarter of 2016, US$209 million was paid by Windows users in order to make their locked files accessible again.

Why, ransomware is so much a Windows thing that Microsoft even used it as a marketing tool to try and push people to Windows 10, pointing out that Windows 7 users were more prone to getting hit by this form of malware than Windows 10 users!

Ransomware for other platforms was non-existent to the extent that when the first such malware for the Mac was noticed, there was a song and dance over it.

The Mac variant was said to be a variant of an earlier attempt to code up something for Linux. But, even three iterations down the track, the Linux effort was not working as intended. At times, the uneducated indulge in click-bait about ransomware that runs on Linux. Alas, they are unmasked pretty soon.

Despite the fact that Windows is the major attack interface, it is impossible to hear anyone in the IT industry recommend getting rid of Windows as a means to keep out ransomware. One can ask till one is blue in the face, but so-called tech experts will do everything but say the obvious.

You would think that if eating a certain type of food caused humans to vomit, the best way to avoid spilling one's innards on the footpath would be to avoid that food. Nope, tech experts will tell you to continue eating that same food and then take an anti-emetic.

There is one reason for this: Windows has spawned a multi-billion-dollar anti-virus industry that does not want to eat its own breakfast. The more Windows threats come along, the better the bottomline for these industries. Why would one try to kill off the goose that lays the golden eggs?

But there are some rare, honest people in the industry who will occasionally spill the beans, rather obliquely. Thirteen years ago, I wrote a 5000-word piece on the Windows update process, after canvassing the opinions of numerous sysadmins.

Among them was Paul Ducklin, at that time an employee of Sophos, and a man who tended to avoid BS. His contribution still stays in my memory.

Wrote Ducklin: "As you know, I'm mostly neutral about Windows and Unix (though I did seriously consider getting the NSW number plate 'BSD', only to find it had been taken by the time I'd decided that paying nearly $400 per year for something without any intrinsic value was only a medium-sized slap in the face to the needy).

"This means I don't have any compelling comments about comparing Windows admin to Unix administration. So why the email?

"Well, I simply want to refer you to a pithy quote from the Second Edition of the seminal work Firewalls and Internet Security by Cheswick, Bellovin and Rubin. See page 255, about half-way down. 'We do not know how to secure [Windows hosts], or even if it is possible'. How I smiled."


Subscribe to Newsletter here

NEW OFFER - ITWIRE LAUNCHES PROMOTIONAL NEWS & CONTENT

Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.

POST YOUR NEWS ON ITWIRE NOW!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

These days our customers Advertising & Marketing campaigns are mainly focussed on Webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://www.itwire.com/itwire-update.html and Promotional News & Editorial.

For covid-19 assistance we have extended terms, a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

BACK TO HOME PAGE

ZOOM WEBINARS & ONLINE EVENTS

Channel News

VENDOR NEWS & VIEWS

REVIEWS

Comments

Guest Opinion