Ransomware: Windows is the elephant in the room

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Ransomware has slowly become the most common and most difficult threat posed to companies and individuals alike over the last year.

And there is one common thread to practically all ransomware attacks: Windows.

Microsoft acolytes, supporters and astro-turfers can scream till they are blue in the face, but it is very rare to see ransomware that attacks any other platform.

Of course, these Redmond backers are careful to say that ransomware attacks "computer users", not Windows users.

But statistics tell the truth. In 2015, the average number of infections hitting Windows users was between 23,000 and 35,000, according to Symantec.

In March, this number ballooned to 56,000 with the arrival of the Locky ransomware. And in the first quarter of 2016, US$209 million was paid by Windows users in order to make their locked files accessible again.

Why, ransomware is so much a Windows thing that Microsoft even used it as a marketing tool to try and push people to Windows 10, pointing out that Windows 7 users were more prone to getting hit by this form of malware than Windows 10 users!

Ransomware for other platforms was non-existent to the extent that when the first such malware for the Mac was noticed, there was a song and dance over it.

The Mac variant was said to be a variant of an earlier attempt to code up something for Linux. But, even three iterations down the track, the Linux effort was not working as intended. At times, the uneducated indulge in click-bait about ransomware that runs on Linux. Alas, they are unmasked pretty soon.

Despite the fact that Windows is the major attack interface, it is impossible to hear anyone in the IT industry recommend getting rid of Windows as a means to keep out ransomware. One can ask till one is blue in the face, but so-called tech experts will do everything but say the obvious.

You would think that if eating a certain type of food caused humans to vomit, the best way to avoid spilling one's innards on the footpath would be to avoid that food. Nope, tech experts will tell you to continue eating that same food and then take an anti-emetic.

There is one reason for this: Windows has spawned a multi-billion-dollar anti-virus industry that does not want to eat its own breakfast. The more Windows threats come along, the better the bottom line for these industries. Why would one try to kill off the goose that lays the golden eggs?

But there are some rare, honest people in the industry who will occasionally spill the beans, rather obliquely. Thirteen years ago, I wrote a 5000-word piece on the Windows update process, after canvassing the opinions of numerous sysadmins.

Among them was Paul Ducklin, at that time an employee of Sophos, and a man who tended to avoid BS. His contribution still stays in my memory.

Wrote Ducklin: "As you know, I'm mostly neutral about Windows and Unix (though I did seriously consider getting the NSW number plate 'BSD', only to find it had been taken by the time I'd decided that paying nearly $400 per year for something without any intrinsic value was only a medium-sized slap in the face to the needy).

"This means I don't have any compelling comments about comparing Windows admin to Unix administration. So why the email?

"Well, I simply want to refer you to a pithy quote from the Second Edition of the seminal work Firewalls and Internet Security by Cheswick, Bellovin and Rubin. See page 255, about half-way down. 'We do not know how to secure [Windows hosts], or even if it is possible'. How I smiled."



Sam Varghese

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.





