A last note on the Cyber-attack debacle

Posted on by

Map RansomwareYou are most likely sick and tired of hearing about the attack of  Ransomware and similar worms, however, it is a fact that most Windows PCs were vulnerable to remote attack due to dud Windows Defender, the protection installed by default on all consumer oriented Windows PCs.

Without going in to all the technical details suffice it to say that Microsoft has now – and it must be said with impressive speed – issued an automatic patch to guard against the remote code execution.

The interesting thing about this whole story is

 

that it raises questions about whether anti-virus software is a good idea. Surprising as that may sound to you there are indeed reasons for this that has to do with anti-virus software working in the highest level of privilege thus leaving the system vulnerable to attack. So, by trying to protect the system from every angle the anti-virus and anti-malware softwares expose their own vast attack surface. Back in June last year Google’s Project Zero found 25 high-severity bugs in Symantec/Norton security products leading to some people recommending you stick with just Windows Defender.

Ransomware At Kapiti SeniorNet we strongly recommend that you use anti-virus and anti-malware protection because they will protect you from a host of other remote attacks, and combined with maintaining your system and any third-party applications updated you are doing the best you can.

One thing you may not be aware of is that 97% of the WannaCry infections hit computers running Windows 7 according to antivirus provider Kapersky Lab. By contrast, infected Windows XP machines were practically non-existent.

The findings challenge the widely repeated perception that the outbreak was largely the result of users who continued to use Windows XP as their operating system, possibly also as a result of the XP machines crashing before the worm could take hold. It now looks as the leading contributor to the virally spreading infection were Windows 7 machines that hadn’t installed a critically security patch that Microsoft issued in March.

I should add that the most widely used W7 OS by the large organisations is the x64 Edition, something like twice as many as the W7 versions used in homes and small offices. Are businesses less likely to patch or update?Password joke

Hopefully we can look forward a spell without cyberattacks, a forlorn hope I know, so be sure to heed the recommendations in Bunk’s latest posting ‘You don’t WannaCry…do you?”, and as usual always be on the look out for scammers and other low-life intent on spoiling our fun and entertainment on the internet.

Happy computing.