Infecting more than 250,000 computers, in 116 countries, was not an easy feat, and to have accomplished such in merely days, there we have the worst ransomware outbreak in history.

Investigations were done and much was revealed. Like all ransomware, WannaCry’s goal was to extract ransom money from the infected by encrypting the computer data and thereby holding them hostages. Ransom payment was in Bitcoin which was the cryptocurrency of choice of the day for its lack of regulation and anonymousness.

Some paid the ransom. Some had their data backed up in an offline storage and did not bother. Some decided that their data in hostage was not worth it.

One of the reasons that WannaCry was able to cause a global pandemic was its ability to spread across an internal network like a wild fire, by leveraging an exploit known as EternalBlue, which took advantage of a vulnerability in Microsoft’s implementation of the Server Message Block (SMB) protocol.

Some paid the ransom. Some had their data backed up in an offline storage and did not bother. Some decided that their data in hostage was not worth it. Eventually a kill mechanism built-in to WannaCry was discovered by accident, and there, it was spreading no more. Questions are still unanswered as to why WannaCry would shut itself down if it finds that a certain URL is active. One thing to be agreed is that the kill mechanism was likely to be built in by intention.

The root issue however was perhaps with Microsoft, together with its various hardware vender partners, for having commercialised a computer as a mere mechanical hardware, and for having reinforced such false belief over the years.

Some of the early affected computers were on Windows XP, which were left wide open to the attack since Microsoft ended support for them on April 8, 2014. One would think that Windows XP was most vulnerable. Post-mortem analysis did not agree however. It was identified that Windows XP constituted less than one in a thousand affected computers. For sure Windows XP wasn’t out of favour. With 7.04% of market share, it was the third most popular operating system globally. One reason for this low infection rate was, a bit ironic perhaps, that Windows XP tended to crash when infected before WannaCry could finish installing or go spreading around.

More than 98% of the infected computers were in fact identified to be running different variants of the then-current Windows 7, for which Microsoft had, two months before the outbreak of WannaCry, released security patches. Needless to say, the problem was with the users not keeping their Windows 7 computers on the latest security update. The root issue however was perhaps with Microsoft, together with its various hardware vender partners, for having commercialised a computer as a mere mechanical hardware, and for having reinforced such false belief over the years.

This long-developed and stubborn hardware perspective was perhaps one of the reasons that people left their computers open for a ransomware attack for which a security patch was available.

A computer consists of software as much as hardware. Hardware is the physical platform on which software works wonder. Hardware capacity is as such the defining limit to which what software could perform and how fast and efficient software could perform it.

Distributed computing allows a task to be distributed by software on multiple hardware platforms. It is however mostly for enterprise uses. For most people and businesses, the limiting character of the hardware platform, along with our tendency to resort and to reduce to the first-order understanding of the physical, gives rise the hardware perspective, of viewing computer, similar to a motor vehicle, as a hardware of mere physical parts. Such perspective misleads people into neglecting the software component which, in this day and age where every computing device is connected, in one way or another, requires perhaps more security and performance maintenance than the hardware counterpart.

Sometimes, albeit not as often, the commercial will side with the technical on a perfect solution.

This long-developed and stubborn hardware perspective was perhaps one of the reasons that people left their computers open for a ransomware attack for which a security patch was available. Software developers of operating system or applications were well aware of this. It was however only after a few developers who had massive financial success with subscription pricing instead of the age-old purchase pricing that brought change to the picture.

Such pricing strategy on the one hand reduces the initial commitment compared to purchase pricing. It also transforms the cost, from one of ownership to one of use, or from capital expenditure (CAPEX) to operating expenses (OPEX) in business term, making the decision a much easier one to make, with much less resistant from the Finance department. Subscribers are guaranteed of latest feature updates for performance as well as security maintenance. On the other hand, such repeated streams of cash flow, of an amount that does not bat an eye to individual users, yet together they amount to a reliable and consistent cashflow for the developers.

Both Microsoft Windows and Apple macOS as well as most software developers are either on subscription pricing or migrating to it.

Sometimes, albeit not as often, the commercial will side with the technical on a perfect solution.