Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Best way to avoid ransomware? Stop using Windows

After a week when people learned that ransomware can take over their lives, the question must needs be asked: why is it that this kind of malware seems to attack only Windows?

There are many Microsoft apologists, astro-turfers, and so-called journalists on the make who, at times like this, keep a low profile and furiously try to spread the message in Web forums that "computer users" are at risk.

Alas, the harsh truth must at last be faced: if you do not use Windows, then the chances of a ransomware attack are close to zero.

Ransomware for the Mac is such a rarity that when one was discovered, security researchers went into literal meltdown. As for Linux, despite the efforts of all and sundry to pin ransomware on the free operating system, nothing has been found.

Windows flies in the face of the basic tenets of security. One can have convenience when using a computer system. Or one can have security. User-space and kernel-space must not be allowed to mingle, else one gets a security nightmare.

Over the years, Microsoft has sought to sell its wares by trying to be all things to all people. At a certain point along this kind of journey, one always comes to a sticky spot in the road.

Last Friday, organisations in more than 150 countries found that they were stuck in that sticky spot. It wasn't an edifying spectacle.

James Scott, a senior fellow at the Institute for Critical Infrastructure Technology, had this to say about Microsoft's culpability in the whole mess.

"Microsoft was quick to blame the success of the WannaCry campaign on the NSA, alleging that the agency should never have developed EternalBlue and that the vulnerability should have been disclosed sooner," Scott wrote on the security think-tank's blog.

"Even if the Shadow Brokers' claims were true, the liability and responsibility for the risk remain with Microsoft for developing inherently flawed operating systems that failed to minimise exploitable vulnerabilities by incorporating security-by-design throughout the developmental lifecycle of the software according to NIST 800-160.

"Instead, Microsoft, like the vast majority of software and technology manufacturers, rushed their product to market with the intent to actively use consumers as “crash test dummies” for vulnerability discoveries.

"This systemic cultural fault in software development endangers users daily and enables the efforts of cyber-adversaries. The result of these practices is the necessity for the constant release of patches and upgrades that repair old vulnerabilities while introducing new ones."

Exactly what Microsoft plans to do, apart from blame the NSA for creating exploits that have been leaked into the public sphere, isn't clear.

The company is lying low as it always does after such disasters. Public memory is woefully short these days, even more so than it was previously.

But with every situation, there is a breaking point. Is WannaCry going to be that point for Microsoft?



Sam Varghese

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

