
Wednesday, March 18th, 2009

If you still want to use Windows for your home computer, that is OK, because it's only your own data and it will not affect many users if you get hacked. Last, but not least, it's you, not the taxpayers, who have to spend money fixing it when it happens. Windows may also run some of your games best.

One public service after another gives away control over their computers to criminal hacker groups. The list keeps getting longer and includes military defence, police forces, hospitals and other critical institutions. All of the infected computers run Windows, and it seems to be a global issue.

Make no mistake about this: when a computer is infected with malware, it is entirely up to the writer of the malware to decide what happens next. Usually the goal is building a large botnet, but the malware could just as easily erase all data on the computer, or upload data from the computer to an internet server. Or just install a backdoor for later use.

The Norwegian police's computers have been infected with Conficker for a few days now, and they try to calm people down by saying that this was not a targeted attack. Right. THIS was not a targeted attack, but the fact that this automated attack uses a well-known security hole, with a published PoC and everything else you need, means that anyone with the ability to use Google could create their own attack in 1-2-3.

How to hack unpatched computers in 1-2-3:
1. Select your favourite exploit; you can find hundreds of them.
2. Copy and paste the proof-of-concept code into your little malware.
3. Attack and hide.

What we know is that bots have been walking around inside our police offices, and the reason is that the doors have not been locked. The same doors have been open to anyone, so who else has been inside since October? We may never know…

If you do this targeted, you will remain undetected for a LONG time unless you screw something up. Antivirus software will not detect a targeted attack, because it only looks for known malware signatures. You know, I bet that the IT departments of some of the institutions that have had their doors unlocked for months didn't even reinstall everything on all the computers that have remained unpatched for months, but only removed the malware and updated Windows. So if you hacked the computers a while ago, you can still remain undetected. The doors may be locked now, but you already created your own well-hidden backdoor.

How to stay undetected in 1-2-3:
1. Hide your backdoor in existing files.
2. Do not mess with anything. Make a copy and mess with the copy.
3. Do not remote control a computer while it's in use.
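The defender's answer to the point made above, that signature-based antivirus will not flag a backdoor hidden in an existing file and that a cleanup which only removes known malware leaves it in place, is to compare the machine against a baseline taken from a known-clean install rather than against a signature list. The following is an added example written for this page, not code from the post or from any product it mentions: a small file-integrity baseline tool that hashes every file under a directory, stores the snapshot as JSON, and reports files that were added, removed or modified since the snapshot. The `demo()` scenario, the directory layout and the file contents in it are constructed for illustration.

```python
"""File-integrity baseline check (added example; not from the original post)."""
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_of(path: Path, chunk_size: int = 65536) -> str:
    """Stream a file through SHA-256 so large binaries need not fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def build_baseline(root: Path) -> dict:
    """Map every regular file under root (relative POSIX path) to its SHA-256 and size."""
    baseline = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        baseline[rel] = {"sha256": sha256_of(path), "size": path.stat().st_size}
    return baseline


def compare_baselines(before: dict, after: dict) -> dict:
    """Return the files that appeared, disappeared, or changed content between two snapshots."""
    before_keys, after_keys = set(before), set(after)
    return {
        "added": sorted(after_keys - before_keys),
        "removed": sorted(before_keys - after_keys),
        "modified": sorted(
            k for k in before_keys & after_keys
            if before[k]["sha256"] != after[k]["sha256"]
        ),
    }


def save_baseline(baseline: dict, out_file: Path) -> None:
    """Persist the snapshot as JSON; in practice keep this copy off the monitored host."""
    out_file.write_text(json.dumps(baseline, indent=2, sort_keys=True))


def load_baseline(in_file: Path) -> dict:
    return json.loads(in_file.read_text())


def demo() -> dict:
    """Constructed scenario: snapshot a clean tree, then alter one existing file and add one."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "system"          # the monitored tree (constructed)
        (root / "bin").mkdir(parents=True)
        (root / "bin" / "service.exe").write_bytes(b"original program bytes")
        (root / "config.ini").write_text("setting=1\n")

        # Baseline taken while the tree is known-clean, stored outside the tree.
        store = Path(tmp) / "baseline.json"
        save_baseline(build_baseline(root), store)

        # Later: an existing file has been tampered with and a new file has appeared.
        with (root / "bin" / "service.exe").open("ab") as fh:
            fh.write(b" appended bytes (constructed tampering)")
        (root / "bin" / "helper.dll").write_bytes(b"new file (constructed)")

        # A signature scanner has nothing to match here; the baseline comparison does.
        return compare_baselines(load_baseline(store), build_baseline(root))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Two practical caveats: the baseline is only as trustworthy as the media it was taken from, so take it from a fresh install or vendor-signed files rather than from a machine that may already be compromised, and store it where an administrator-level intruder on the monitored host cannot rewrite it. Files that legitimately change (logs, caches, update-managed binaries) will show up as modified, so the output needs an allow-list or a re-baseline after each approved update.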

Oh, another thing. The Norwegian police force states that they are still working on removing Conficker (Monday afternoon). I hope they don't have any of the unpatched computers connected to anything, because these are as open as an open door as we speak, or type, or read. I mean: I type, you read.

This is really serious. Systems so heavily targeted by malware, and so hard to maintain, should not be used by the public sector. Yes, I say hard to maintain. If you installed Debian in 1996, you could still be running it and have it patched. If you have run Windows since 1996, you have had to reinstall at least once, probably twice, and buy new hardware at least once, again probably twice.

Another point is that swapping to Linux in the public sector would not only be safer, but also cheaper and more reusable.

Many countries are already doing this with success, so why shouldn’t we all? The French police are migrating all 90.000 workstations by 2015, and even if they only moved 5.000 so far, they have saved 50.000.000 Euro in licensing and maintenance costs.

Cheaper, safer, simpler, better. Who decides that we still stick with Windows? This is a political matter, and politicians say "go open source", yet (almost) nothing happens.

The work of getting rid of closed source in the public sector needs to accelerate before the public sector is owned by hackers or script kiddies.

Who would like to hack the police, or the hospitals? I can think of a few groups:
1. The botnet makers
2. Criminals looking for material to blackmail others with
3. Kids fooling around

I guess there are more groups, but this should be enough to start locking the doors. Right?
