Hence the Ransomware Action Plan. It's just like the numerous other plans which Morrison and his ministers have put forth, meaningless jumbles of words, all aimed at that one Saturday before next May when the election will have to be held.
When something that should necessarily have some gravitas starts out like this: "The world has never been more interconnected and our reliance on the internet to fuel Australia’s prosperity and maintain our way of life has never been greater", you just know that it's weapons-grade BS.
Still one of my favourites (happens 1-2 per month in our customer base; they contact us because of a Ransomware incident and we dig up a much older persistent threat) https://t.co/SOQHXrT1SH — Florian Roth ⚡️ (@cyb3rops) October 13, 2021
And so it is. The 16-page document is a waste of time. One feels sorry for Karen Andrews who had to put her name to it, seeing as she has just taken over the mantle of Home Affairs — which until recently was under Peter Dutton — after a reasonably competent performance as minister for industry and technology.
To cut to the chase, the "plan" — how many times have we heard that from Morrison? — will force industries with $10 million or more in annual revenue to fess up if one of those ransomware gangs comes a-calling.
"Microsoft adds tamper protection to Windows 11 security baseline" ... "Once tamper protection is toggled on, ransomware operators would have a much more challenging task ahead of them when trying to" pic.twitter.com/v9wJvZPaWM — vx-underground (@vxunderground) October 9, 2021
There is also a proposal to increase penalties for ransomware gangs. Great, I can just see the blokes behind REvil and Hive shaking in their boots. And there are a lot more airy-fairy aspirations which Andrews was forced to advance in a media release on Wednesday. My deepest sympathies to you, ma'am, I can understand exactly how foolish you felt having to put this material out under your name.
One of the big problems that the government just refuses to face up to is the fact that it is impossible to find a cure for something unless you know what is causing the disease. And when one, in the fashion of a mule, simply avoids naming Microsoft's Windows operating system as the number one culprit, how is one going to fix the problem?
You can call me a one-eyed critic when it comes to Windows. So, forget me. Take the word of Google, a company that runs the VirusTotal database, a site where security researchers can submit any ransomware they find and have it scanned by anti-virus engines to see if it can be identified.
[Statistics on countries affected by darkweb ransomware, 2019.05.01~2021.10.06] There are 3,338 affected organizations in 105 countries. 10. Japan pic.twitter.com/kEvSxKEqxR — DarkTracer : DarkWeb Criminal Intelligence (@darktracer_int) October 7, 2021
VirusTotal released its analysis of 80 million ransomware samples on Thursday. The unsurprising finding was that 95% of those samples were gunning for Windows systems. That's from samples running all the way back to January 2020.
Just 2% were aiming at Android. The remaining 3% mostly targeted OSX, and those came from a single family known as EvilQuest. There may have been a few that targeted VMware's ESXi server. ESXi runs on bare metal unlike other VMware products and includes its own kernel. Initially, it included a Linux kernel, at which point it was known as ESX, but development was stopped at version 4.1, according to Wikipedia.
ESXi does not have a Linux kernel; its microkernel has three interfaces: hardware, guest systems and the service console. Were ransomware to infect any VMs on an ESXi system, it could spread to Windows machines on the same network, as ESXi is often connected to Active Directory.
But back to the Morrison plan which is to effectively do "something" about whatever looms as an obstacle to his re-election ambitions. Were the man to do some self-reflection, it would probably strike him that he is out of his depth as the country's chief executive. But then one needs some humility to do that, and that is not a quality one could ever accuse ScoMo of having.
All that Morrison looks to do is to be able to answer any queries about issues with the stock answer, "we are doing something about it, have you not seen the plan we issued on (fill in the day)." Followed, of course, by some vacuous talk, assuring people that if they have a go, they will get a go. What's more, they may even get ransomware written in Go!
One wag saw these words in one of the reactions to the plan: "The Federal Government's release of the ransomware plan is a positive deterrent for criminal groups who are thinking of targeting
Said wag is part of the IT industry and his/her reaction was quite colourful. "What utter bollocks. Really, governments are in a tough spot and there’s not too much Australia or other countries can do individually. Except outlaw payments, and the political will to take such a radical step doesn’t seem to be there (in any country).
"The best they can do is join forces with other countries and kick ransomware gangs in the testicles so often that they eventually decide to call it a day. And that’s what’s finally starting to happen.
Ransomware operators seeing the people they invented jobs for complaining about them pic.twitter.com/7VVvmRzPJP — ? (@SwiftOnSecurity) October 12, 2021
The man/woman wasn't done. "When I said 'kick them in the testicles', I actually meant 'kick them in the testicles, gut, shins and head'.
"In other words, hit them as many ways as possible: diplomatic efforts, regulatory efforts on the crypto side of things, disruption and seizure efforts, etc., etc. Until now, the gangs have been operating with almost complete impunity. That needs to change."
That all sounds rather optimistic. Australia is Microsoft country. It's high time that, rather than go after the likes of Facebook and Google — one simply cannot control them — the government puts some pressure on Microsoft to get its act in order. That is, if it cares even an iota for the businesses in this country who have no option but to use the woeful wares that the Redmond firm sells. But hoping for Morrison to do something that counts is like waiting for the arrival of Godot.