GhostNet – Is it Enough Of A Threat to Make You Switch?

In my daily browsing, I saw a story on techradar, speaking of the problems with GhostNet, and stating that all the problems would be solved if people simply moved to Linux.

While it is an interesting story, I don’t believe for one minute that Linux is impenetrable, nor is any Microsoft operating system incapable of being secured. The problem, that could have been better explained by the author of the article, is that Linux is better protected by default, whereas Windows must be secured.

Both operating systems can be compromised – I believe that any operating system can be, but instead of bashing Microsoft, or exalting Linux above its rightful place, more time should be spent learning how to secure a computer. Some will not wish to do this, and for that luxury, they will pay. Either in lost or compromised information, or dollars, for those who wish to assign the task of keeping the machine(s) they work on safe.

While the subject of this story, along with things like Conficker, will probably not touch most who read about them, but it is good to be chided about security now and then, and possibly get a bit worried – it makes us do the proper things to secure what is ours.

GhostNet is a wakeup call to switch to Linux

Ancient versions of Windows too easy to compromise

It’s compromised over 1,000 machines in 103 countries, with targets including the Dalai Lama and government departments. It’s called GhostNet, it’s a spy network, and it wouldn’t exist if government departments and other public bodies used Linux.

The scale of GhostNet is staggering, but at heart it’s no more complicated than a script kiddie attack.

Somebody receives an email with an official looking document, they open the file, and a Trojan sneaks onto their system.

While the level of research is impressive - the emails appear to come from senior members of staff, the file names fit the organisation’s style and the supposed documents sound like the sort of thing bosses would send - at heart GhostNet is based on the same old Windows security problem.

Public sector organisations tend to be a good bit behind the rest of us when it comes to operating systems, so while Windows Vista (and soon, Windows 7) offer much better security than previous versions of Windows, the security changes are irrelevant: the compromised computers will almost certainly be running XP, or perhaps even Windows 2000.

Upgrading to a more modern Windows would certainly improve things, but the cost of all those Windows licences - and in many cases, of the hardware upgrades required to bring PCs up to scratch for basic Vista operation - is a tough sell in these credit crunched times.

The answer, then, is obvious. Public sector organisations should run Linux. It wouldn’t eradicate GhostNet-style systems altogether, because if there’s a shadowy group determined to access secret data then you can be sure it’ll hire the best computer brains in order to do it, but Linux would definitely make the spooks’ life much more difficult.

Compromising old Windows boxes is like stealing candy from a baby. Compromising Linux boxes is more like stealing candy from a baby that’s locked away in a subterranean vault with armed robot guards, packs of savage Rottweilers and lots of Indiana Jones-style traps. On the moon.

According to the authors of The Snooping Dragon: Social Malware Surveillance of the Tibetan Movement, which is one of the reports detailing the “murky realm” of GhostNet, “What Chinese spooks did in 2008, Russian crooks will do in 2010 and even low-budget criminals from less developed countries will follow in due course.”

You wouldn’t send an army into battle with rubber rifles - and yet in information warfare, that’s essentially what we’re doing. These organisations have our data, spend our money and are being targeted to undermine our national security. It’s about time they took steps to protect it.

The thorny thing about this article is, if it were not so critical of Windows in general, and praising Linux, it might have been an overzealous press release from Microsoft, pushing the move to Vista, and poo-pooing XP and other previous versions.

Anytime an article is so critical, without pointing to specifics, you can bet there is a lot of exaggeration in the mix.

One this about the article is true – if you have not much invested in Windows, and no real store of knowledge concerning the operating system, and its origins (command line, DOS), you would be just as well off using a version of Linux. It would be cheaper, safer (remember what was said above), and no company would be trying to force you to upgrade software and hardware every three years.

§

•

How many people here have telekinetic powers? Raise my hand.