
If Your Business Network Uses Windows 10, It's Not As Secure As You Think

New attack technique called GhostHook renders the Windows security defense system useless once activated

By Agamoni Ghosh

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.


After the deadly WannaCry attacks, most businesses received recommendations from the Computer Emergency Response Team (CERT) to update their Windows systems to Windows 10 to ensure their data is safe and hack-proof, as it has been regarded as Microsoft's most secure OS to date. A recent source code leak coupled with a newly found vulnerability should, however, have businesses worried, as their systems may not be completely safe.

What is The Latest Threat?

The latest threat is two-fold: first, a massive dump of Microsoft's confidential files that leaks source code pertaining to Windows 10 builds, and second, a new attack technique called GhostHook that renders the Windows security defense system useless once activated.

Both vulnerabilities are independent of each other but were discovered around the same time, with GhostHook being a "post-exploitation" attack, which means it requires hackers to already have control over a compromised system.

Systems Vulnerable

Exploits can be designed by hackers to work on almost all Windows 10 builds, including unreleased builds of Windows 10 and Windows Server 2016, which is widely used in offices. Source code is integral to any OS and at its heart does not change from version to version, thereby exposing the entire Windows 10 clan.

GhostHook, on the other hand, can work on any system, post-Windows 2005.

Why Can the Threat Be Lethal?

While the contents of the dump have been removed, it's unclear how many people had already downloaded it. The data can be distributed via other methods to create exploits. Microsoft's source code package, dubbed the "Shared Source Kit", is the major leak in the dump; it includes data on USB, storage, Wi-Fi stacks and, most significantly for business networks, the Plug-and-Play system.

Most enterprising ventures, especially start-ups, rely on Plug-and-Play office spaces that already have established network connections. This means all communication support like WiFi network and the plug-ins on each workstation are pre-designated.

Hackers can use the data to exploit one or more of these to launch a large-scale cyber attack on Windows systems across networks. Injection of malicious code on one PC can easily take down the whole network in this case.

Meanwhile, GhostHook requires hackers to have control of the system and then allows them to bypass Windows 10 PatchGuard and plant rootkits onto systems previously thought to be impenetrable. Worryingly, the technique grants admin rights to the hacker, which for businesses means that control of these rights will allow hackers to infiltrate any and every computer on the network.

What Should One Do If One's Business Runs on Windows 10 Machines?

At the moment it is unclear how big the threat may be in future as a result of these leaks, but if you own a business that relies heavily on Windows 10 machines, a full-scale scan is recommended for not just one machine but the entire network. Antivirus software is not enough, so if you haven't invested in a good cyber security firm to check your network for threats, do so immediately. Most importantly, make sure to secure a cloud backup of your integral files.

As for GhostHook, Microsoft is not considering issuing a patch to tackle this technique, as it claims the technique can only be used when hackers already have control of the system. All it advises is to stay away from malicious sites and dodgy links. If your business operations involve handling sensitive data, make sure to deny download rights to any machines, preventing any malicious code injection.

Agamoni Ghosh

Former Staff, Entrepreneur India

She was generating stories out of Bengaluru for Entrepreneur India. She has worked with leading national and international business publications, including Newsweek, Business Standard, and CNBC in the past. 
