Home Open Sauce Ransomware: Microsoft can no longer claim to be 'proactive'

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Ransomware: Microsoft can no longer claim to be 'proactive'

Ransomware: Microsoft can no longer claim to be 'proactive' Featured

Microsoft's reaction to the Windows ransomware crisis that occurred on Friday and Saturday has shown one thing: no longer can the company continue to use the business buzzword "proactive" when it talks about itself. It was caught unawares and left looking very old and tired in the way it responded to the situation.

When the Shadow Brokers group dumped a number of NSA exploits on 14 April, after having tried for a while to get people to buy them, it should have been clear to those who head the Microsoft Security Response Centre that it was only a matter of time before some attacker would use these exploits to attack vulnerable systems.

The probability was all the more, given that attacks these days are driven mostly by a desire to make money. Not just to get up someone's nose.

It has also been clear to all those who are in any way part of the tech community — those who have not been living under a rock, that is — that there are millions of Windows machines out there that are out of support and vulnerable to these exploits.

As iTWire reported back in February, 150 million PCs were running Windows XP at that time, a version for which support has long expired.

Turtle.

Microsoft issued patches to guard against these exploits in March, a month before the Shadow Brokers dumped the lot. (The company has kept mum as to how it became aware of the dumped exploits. Was it told by the NSA? Did it pay the Shadow Brokers?)

But, given its parsimonious nature, something that has often left it with egg on its face in the past, Microsoft only issued patches for Windows versions that are currently supported.

It did not think ahead and contemplate the possibility that a situation similar to Code Red could eventuate again, with attackers having a field day on older Windows systems. No, it was caught on the back foot and had to pull up its socks and react fast. 

Had it not been for an accidental act by a British researcher, we would be looking at Code Red Mark II now.

Now, the company that has been force-feeding Windows to all and sundry is acting as though it is the good guy. "Seeing businesses and individuals affected by cyber attacks, such as the ones reported today, was painful," wrote Phillip Misner, principal security group manager at the MSRC.

When the Shadow Brokers dumped the exploits, what was Misner doing? The analogy that comes to mind is that of Nero fiddling while Rome burned.

And thus, when the fat was well and truly in the fire, Microsoft found itself forced to issue patches for Windows XP, Windows 8, and Windows Server 2003. Of course, lest you forget, this was done in the public interest!

This is not the first time that attacks on Windows systems have triggered mass panic. Dave Aitel of Immunity, a security professional who often calls things as he sees them, put it well in a tweet: "Windows didn't get more secure in the last two decades, the hackers just got nicer."

A number of security companies wrote in to iTWire, seeking to capitalise on the situation and plug their own names and wares. These companies are part of the problem: they should be calling out Microsoft for its pathetic attitude to security, which this time put the lives of patients in Britain at risk.

But you won't find any of these security experts saying a thing. After all, why would they bite the biggest hand that feeds them? If Windows disappeared overnight, many of these companies would be left without lunch money.

The cynicism that has been on display in the last 36-odd hours is disgusting.

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

RECOVERING FROM RANSOMWARE

Ransomware is a type of malware that blocks access to your files and systems until you pay a ransom.

The first example of ransomware happened on September 5, 2013, when Cryptolocker was unleashed.

It quickly affected many systems with hackers requiring users to pay money for the decryption keys.

Find out how one company used backup and cloud storage software to protect their company’s PCs and recovered all of their systems after a ransomware strike.

DOWNLOAD THE REPORT!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

 

Popular News

 

Telecommunications