Get All Access for $5/mo

If Your Business Network Uses Windows 10, It's Not As Secure As You Think New attack technique called GhostHook renders the Windows security defense system useless once activated

By Agamoni Ghosh

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

Shutterstock

Post the deadly WannaCry attacks most business received recommendations from Computer Emergency Response Team (CERT) to update their Windows systems to Windows 10 to ensure their data is safe and hack-proof as it has been regarded as Microsoft's most secure OS till date. A recent source code leak coupled with a newly found vulnerability should, however, have businesses worried as their systems may not be completely safe.

What is The Latest Threat?

The latest threat is two-fold. First, a massive dump of Microsoft's confidential files that leaks source codes pertaining to Windows 10 builds, and secondly a new attack technique called GhostHook that renders the Windows security defense system useless once activated.

Both vulnerabilities are independent of each other but were discovered around the same time with GhostHook being a post "post-exploitation' attack, which means it requires hackers to already have control over a compromised system.

Systems Vulnerable

Exploits can be designed by hackers to work on almost all Windows 10 builds, including unreleased builds of Windows 10 and Windows Server 2016, which is widely used in offices. A source code is integral to any OS and at its heart does not change from version to version thereby exposing the entire Windows 10 clan.

GhostHook, on the other hand, can work on any system, post-Windows 2005.

Why Can the Threat Be Lethal?

While contents of the dump have been removed, it's unclear how many people had already downloaded it. The data can be distributed via other methods to create exploits. Microsoft's source code package dubbed the "Shared Source Kit' as the major leak in the dump, which includes data on USB, storage, Wi-Fi stacks, and most significantly for business networks Plug-and-Play system.

Most enterprising ventures, especially start-ups, rely on Plug-and-Play office spaces that already have established network connections. This means all communication support like WiFi network and the plug-ins on each workstation are pre-designated.

The data can be used by hackers to exploit any one or more than one of these exploits to launch a large-scale cyber attack on Windows systems across networks. Injection of malicious code on one PC can easily take down the whole network in this case.

Meanwhile, GhostHook requires hackers to have control of the system and then allows them to bypass Windows 10 PatchGuard and plant rootkits onto systems previously thought to be impenetrable. The technique worryingly grants admin rights to the hacker which means for businesses, having control of these rights will allow hackers to infiltrate any and every computer on the network.

What Should One Do If One's Business Runs on Windows 10 Machines?

At the moment it is unclear how big the threat may be in future as a result of these leaks but if you own a business that heavily relies on using Windows 10 machines, a full-scale scan is recommended for not just one machine, but the entire network. Anti-Viruses are not enough so if you haven't invested in a good cyber security firm to check your network for threats then do so immediately. Most importantly make sure to secure a cloud backup of your integral files.

As for GhostHook, Microsoft does not consider issuing any patch to tackle this technique as it claims this can only be used when hackers already have control of the system. All it advises is to stay away from malicious sites and dodgy links. If your business operations contain handling sensitive data make sure to deny download rights to any machines preventing any malicious code injection.

Agamoni Ghosh

Former Staff, Entrepreneur India

She was generating stories out of Bengaluru for Entrepreneur India. She has worked with leading national and international business publications, including Newsweek, Business Standard, and CNBC in the past. 

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

News and Trends

Former Cleartrip CEO Ayyappan R Eyes Quick Commerce with FirstClub

After stepping down as Cleartrip's CEO earlier this year, Ayyappan brings his expertise from leading positions at Flipkart, including his role as chief business officer at Myntra.

News and Trends

K12 Techno Services Secures USD 40 Mn in Funding from Kenro Capital

The Bengaluru-based firm aims to expand aggressively, with plans to open 8–12 Orchids schools annually and onboard 100–150 schools under the Eduvate umbrella each year.

Business News

These Companies Offer the Best Work-Life Balance, According to Employees

The ranking is based on Glassdoor ratings and reviews.

Business Ideas

87 Service Business Ideas to Start Today

Get started in this growing industry, with options that range from IT consulting to childcare.

Science & Technology

Use This Framework to Successfully Integrate AI Into Your Business Operations

Here's how to ensure both innovation and compliance when using AI in your organization.