Ransomware runs amok, Microsoft still silent

You’re the biggest provider of desktop operating systems in the world.

Sure, the year of the Linux desktop never happened, but Unix-derived operating systems dominate smartphones and tablets, and usage of Windows operating systems is badly fragmented.

Indeed, there are STILL people using Windows XP and Windows 7, despite Microsoft’s best efforts to get everyone to upgrade to Windows 8, 8.1 and then Windows 10, and unless you protect yourself as much as possible, Windows is your best chance of getting malware so debilitating it can put you out of business and wipe all your data permanently.

{loadposition alex08}

Of course, all of the security companies of the world have come out to offer advice, even if Microsoft remains silent (thus far for today).

Advice includes applying all patches, not just to operating systems, but to all of your software, programs and apps - even if that list of three describes the same thing.

You also need to apply patches and firmware updates to your hardware - your BIOS, printer, TV, router, security camera and any other connected device.

There’s also a need to take the only step that can truly protect you in the event that malware or ransomware slips through, and that’s to make a 3-2-1 backup (here's a video), here more in text.

This means AT LEAST 3 different copes if your data, on at least two different forms of media, and with at least one copy stored offsite.

A great example for copying data offsite is Acronis, with its True Image 2017 Premium version for Windows PCs providing “Active ransomware protection.” 

So. #Acronis protects against the latest #Petya #ransomware. nice. pic.twitter.com/Xwtya1xpYH

— Guennadi Moukine (@potatograss) June 28, 2017

However, if you’re a network administrator, then you’ve got even more tools at your disposal.

One tweet advises to apply the “MS17-010 patch AND blocking ADMIN$ via GPO will stop lateral movement on WMI and PSEXEC.”

To quickly stop Petya right now - MS17-010 patch AND blocking ADMIN$ via GPO will stop lateral movement on WMI and PSEXEC.#Petya

— Binary Defense (@Binary_Defense) June 27, 2017

Hacker Fantastic says that “#Petya encrypts ON BOOT. If you see CHKDSK message your files not yet encrypted, power off immediately. You can recover with with LiveCD. “

#Petya encrypts ON BOOT. If you see CHKDSK message your files not yet encrypted, power off immediately. You can recover with with LiveCD. pic.twitter.com/nKL4Xixjn9

— Hacker Fantastic (@hackerfantastic) June 27, 2017

Even better is a tweet from an OS researcher who states: “98% sure that the name is is perfc.dll Create a file in c:\windows called perfc with no extension and #petya #Nopetya won't run! SHARE!!”

98% sure that the name is is perfc.dll Create a file in c:\windows called perfc with no extension and #petya #Nopetya won't run! SHARE!! https://t.co/0l14uwb0p9

— Amit Serper (@0xAmit) June 27, 2017

Of course, besides Microsoft’s silence on the topic today, how about the NSA itself?

Edward Snowden calls the NSA out for hiding the “Eternal Blue” vulnerability for 5 years.

.@NSAGov kept open the hole (#ETERNALBLUE) hit by today's #Petya/#NotPetya ransomware attack–for more than 5 years. https://t.co/mAeIeCGiyY pic.twitter.com/coK1kd2MIv

— Edward Snowden (@Snowden) June 27, 2017

If the NSA, CIA and others play with fire, aren’t the supposed to keep these vulnerabilities “safe”?

Why have Microsoft’s efforts in finding security vulnerabilities in its own software so spectacularly failed over the years?

And where is Microsoft in being proactive in explaining why updates are important, and doing all it legally can to ensure people are either updating their operating systems, or at the very least, patching their systems?

Instead, we saw Microsoft engage in various and effectively underhanded ways to force people to upgrade to Windows 10.

Yes, Microsoft still thankfully offers a free “Windows 10 accessibility upgrade” which lets licensed Windows 7 and 8.1 users still get a totally free update - without needing to prove you have any disability, and with the update identical to the previous free Windows 10 upgrade offer.

If Microsoft was truly serious about getting people to upgrade, the company would produce its own television show - broadcast around the world and on YouTube, that talked about technology, and explained it to end-users.

Or something! Whatever Microsoft is doing clearly isn’t enough, or there wouldn’t be these damned continual outbreaks of malware, viruses and ransomware ruining people’s businesses and lives.

And don’t tell me Windows 10 S is the solution… it might be one day when Microsoft has truly decent apps in the Microsoft Store, but that day sadly is nowhere near here yet!

Presumably technical people and IT admins should know all of this already, but with all the outbreaks of ransomware across the world today, the IT admins of those affected just aren’t doing what needs to be done to keep computers and their users safe.

Back in 2011, I switched to a Mac, and while that’s no guarantee of never getting a virus, and while I do make regular 3-2-1 backups with Time Machine and Acronis True Image 2017 for Mac, and run software such as Norton Internet Security, Malwarebytes for Mac, and other software, my computing life has never been smoother or better.

What you do is up to you, but sometimes you’ve just got to lead by example, as actions always speak louder than words.

Today, on the next major ransomware outbreak of 2017, Microsoft hasn’t made any public actions that I can see, nor have there been any words - or at least, none that I can see on Twitter from Microsoft, or its website, or its Facebook page.

Well, I’m trying to check Microsoft’s Facebook, but I can’t get Facebook to load - let’s just hope they didn’t get affected by ransomware!

So, Microsoft - are you going to make any statement today? Or are the computers of your users melting down, despite clearly their own inaction, something you’ve nothing to say about?

For more on all the #Petya Tweets, click here.

It’s also called #Goldeneye, so those tweets are here, too.