Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Tuesday, 17 December 2019 09:31

Windows ransomware is a nice little earner for Microsoft

Windows ransomware is a nice little earner for Microsoft Image by vishnu vijayan from Pixabay

One reason why Microsoft stays silent about ransomware attacks on its Windows operating system is because the company makes money when it is called in to help tackle such attacks which are increasing all the time.

The Norwegian firm Norsk Hydro, which was hit by the LockerGoga ransomware in March last year, has been the biggest company to suffer from this scourge in recent times and has been affected to the tune of about US$75 million.

Overnight, Microsoft wrote a glowing blog post of the way this company has tackled the attacks, including the fact that Redmond had been called in to offer assistance.

Remarkably, the blog post, which runs to 1765 words and is peppered with pictures, does not mention the word Windows even once!

iTWire has confirmed from Norsk Hydro that Microsoft was paid for this assistance.

So a company that is responsible for a problem of this magnitude can come in, write glowing accounts of its involvement, and then also pocket a fee. Sounds like a great way to make some moolah. The word "shame" has no place in this era and needs to be deleted from the dictionary.

One of the defences mounted when one mentions Windows and ransomware in the same breath, is that any operating system which has such a large number of users would be under similar attack. But then why isn't Android under a ransomware cloud?

Google's mobile operating system has more than twice the number of users that Windows has and is present on laptops, tablets and mobiles. And many of those mobiles are used much more than PCs or Windows laptops; they have become, for many, a primary computing device.

No, the ransomware scourge is entirely due to the appalling security that Windows offers – if, indeed, it offers any at all.

As the ransomware plague spreads, it seems likely that this will become another revenue stream for Microsoft. As iTWire reported on Monday, at least 948 government agencies, healthcare providers and educational establishments were hit by ransomware this year affected at a cost estimated to be about US$7.5 billion.

One can write ransomware for other operating systems too – macOS, Linux, Android, iOS and the BSDs. But they are of no use to an attacker unless one can gain administrator status on a machine.

In the case of Windows, there are numerous components, which are part of the operating system and which cannot be removed, that are vulnerable. It is probably the main reason why nobody in authority at Microsoft ever mentions the word Windows these days.

That the company is aware of this is evident from the fact that it has even ditched its own operating system when it comes to mobile phones – next year, Microsoft will be releasing a phone that runs Android. This is the ultimate condemnation of Windows, something like a man disowning his own child.

Security companies are also to blame, as they hit idly by and reap the monetary rewards that come from remedying these ransomware outbreaks. The more, the merrier, is their motto. No security firm will ever say a bad word about Windows, count on it.

The tech media, too, are complicit in this covering up of the fact that without Windows, there would be little or no ransomware. These worthies even avoid mentioning the word "Windows" when reporting about ransomware. To them, these are "computer malware".

Some strains of ransomware have been recently observed to have now adopted the additional trick of exfiltrating files from systems that they infect. Looks like 2020 will be a year of increasing returns for the security industry. And, lest one forgets, Microsoft will share in that bounty too. The future looks so bright we might have to start wearing shades.


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments