Well, for two decades now, I have been saying that Windows is insecure by design. And as usual, most exploits seek that easier target. And as some will attempt to argue, ‘well, there are more attacks on Windows than other platforms because there are more Windows machines on the net. Doh!’

And therein lies most of the problem.

For something like SWIFT, there is *NO* reason it should have to run on Windows.
The functionality can be done on Linux.

Matt Suiche:
“Unfortunately, as long as companies would not really understand the technical origins of cyber security issues — or worse deny them — those issues will still exist and potentially put critical nation infrastructure at risks.”

“when you come to a fork in the road, take it.” – Yogi Berra

Lots of people are now at that fork, and have stopped. Wondering which way to go. Perhaps the wear on the lanes at the fork indicate the most travelled path, so they pick that assumming that the majority was probably right, and safety in numbers. Perhaps on their cell phone, asking someone else for advice. Perhaps thinking that maybe they should turn around a go back to somewhere else. Perhaps they can really admit to themselves that they are truly lost.

This is the situation today with regard to staying on the Microsoft road.

Many over the years have come to this fork, but continued down the Microsoft road. They took the wrong fork.

They were not really on a road that led to somewhere that they wanted to get to. They where really in a maze of Microsoft roads, that lead to each other. The only forks were actually upgrade roads, but they are all toll roads and the driver still remains in a twisty maze of passageways, all different.

Which leads me to how this is on topic.

All of the dumps recently are heavy on exploits that target the Microsoft platform. Most are older exploits, but we are seeing more recent stuff, albeit not super recent. But the trend is clear, and there likely numerous zerodays for Windows10. They just are not public. YET.

And we know lots of companies and governments that are stuck with Microsoft because of lockin and legacy applications that can not be easily converted to open standards.
They are stuck at the fork. They can not turn around and go back.

But because of these exploits now visible to the public, there have to be millions and millions of IT people, that now realize that there are at the proverbial fork in the road.

What would be desirable from a pure security perspective is more platform diversity. More taking the good fork even if it appears less traveled, or ignoring who they called on their cellphone to ask for direction (consultant).

We need more of:
“Nobody goes there nowadays, it’s too crowded”. – Yogi Berra

The majority is not always right, and there is no safety in numbers when it comes to platform. At this point, being in the Microsoft crowd is actually a negative. In fact, it may be fatal to not leave the Microsoft ‘Vending Machine maze’. Also, with these exploits becoming public, companies will be under heavy pressure from shareholders worried about risk.

Ironically, the exploits now being public, may actually result in many IT people being too scared to take the fork in road, and instead will spend major money on the upgrade road. But it is a toll road (license fees).

I believe we are at a seminal event in the history of IT, and therefore the future of the planet.

Will enough people take the fork in the road?
Or will too many stick to the easier exploitable platform and continue to pay the tolls?

“You can observe a lot by just watching” – Yogi Berra

Seems like this tweet is under burial attack:

Retweet by @x0rz, originally by @GossiTheDog

Guys your network diagrams and SWIFT Alliance passwords are in the dump, you might want to look into it. (link: https://twitter.com/EastNets/status/852912656130244608) twitter.com/EastNets/statu…