If Your Business Network Uses Windows 10, It's Not As Secure As You Think New attack technique called GhostHook renders the Windows security defense system useless once activated

By Agamoni Ghosh

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.


Post the deadly WannaCry attacks most business received recommendations from Computer Emergency Response Team (CERT) to update their Windows systems to Windows 10 to ensure their data is safe and hack-proof as it has been regarded as Microsoft's most secure OS till date. A recent source code leak coupled with a newly found vulnerability should, however, have businesses worried as their systems may not be completely safe.

What is The Latest Threat?

The latest threat is two-fold. First, a massive dump of Microsoft's confidential files that leaks source codes pertaining to Windows 10 builds, and secondly a new attack technique called GhostHook that renders the Windows security defense system useless once activated.

Both vulnerabilities are independent of each other but were discovered around the same time with GhostHook being a post "post-exploitation' attack, which means it requires hackers to already have control over a compromised system.

Systems Vulnerable

Exploits can be designed by hackers to work on almost all Windows 10 builds, including unreleased builds of Windows 10 and Windows Server 2016, which is widely used in offices. A source code is integral to any OS and at its heart does not change from version to version thereby exposing the entire Windows 10 clan.

GhostHook, on the other hand, can work on any system, post-Windows 2005.

Why Can the Threat Be Lethal?

While contents of the dump have been removed, it's unclear how many people had already downloaded it. The data can be distributed via other methods to create exploits. Microsoft's source code package dubbed the "Shared Source Kit' as the major leak in the dump, which includes data on USB, storage, Wi-Fi stacks, and most significantly for business networks Plug-and-Play system.

Most enterprising ventures, especially start-ups, rely on Plug-and-Play office spaces that already have established network connections. This means all communication support like WiFi network and the plug-ins on each workstation are pre-designated.

The data can be used by hackers to exploit any one or more than one of these exploits to launch a large-scale cyber attack on Windows systems across networks. Injection of malicious code on one PC can easily take down the whole network in this case.

Meanwhile, GhostHook requires hackers to have control of the system and then allows them to bypass Windows 10 PatchGuard and plant rootkits onto systems previously thought to be impenetrable. The technique worryingly grants admin rights to the hacker which means for businesses, having control of these rights will allow hackers to infiltrate any and every computer on the network.

What Should One Do If One's Business Runs on Windows 10 Machines?

At the moment it is unclear how big the threat may be in future as a result of these leaks but if you own a business that heavily relies on using Windows 10 machines, a full-scale scan is recommended for not just one machine, but the entire network. Anti-Viruses are not enough so if you haven't invested in a good cyber security firm to check your network for threats then do so immediately. Most importantly make sure to secure a cloud backup of your integral files.

As for GhostHook, Microsoft does not consider issuing any patch to tackle this technique as it claims this can only be used when hackers already have control of the system. All it advises is to stay away from malicious sites and dodgy links. If your business operations contain handling sensitive data make sure to deny download rights to any machines preventing any malicious code injection.

Agamoni Ghosh

Former Staff, Entrepreneur India

She was generating stories out of Bengaluru for Entrepreneur India. She has worked with leading national and international business publications, including Newsweek, Business Standard, and CNBC in the past. 

Related Topics

Data & Recovery

The All-in-One, Super-Sized Ethical Hacking Bundle Is Only $40 for Presidents' Day

Get 18 cybersecurity courses for a great price (regularly $1,098).

Business News

'I Am Absolutely Terrified': OpenAI's New Project Isn't 'Broadly' Available Yet — But It's Already Setting Off Alarm Bells

The company behind ChatGPT wants to "help people solve problems that require real-world interaction."


10 Leadership Lessons From Successful CEOs — An Insightful Guide for the Ambitious Entrepreneur

Valuable lessons you can learn from successful CEOs like Steve Jobs, Jeff Bezos and Elon Musk.


International Security Firm Welcomes Female India Native to an Essential Leadership Position

Yasmin Brar has been appointed as the Operations Strategy Director, a role that underscores the company's commitment to innovation, expansion, and strategic management


Companies Are Spending $21.2 Billion on Corporate Swag — Only For It to End Up in the Donation Pile. Here's What You Need to Do to Stand Out.

How entrepreneurs can transform promotional products into meaningful, story-driven tokens that captivate, connect and create lasting brand impressions.


What Your Brand Needs to Unlock The Power of Thought Leadership

Transform your brand's presence and drive growth using insights.