Are the recent Russian cyber-attacks Windows-based?

I have a question about the spate of apparently Russian cyber-attacks that have prompted the Defense Department to have President Bush sit down for a little talk. Here’s what prompted my question; quoting the L.A. Times:

“Military computers are regularly beset by outside hackers, computer viruses and worms. But defense officials said the most recent attack involved an intrusive piece of malicious software, or “malware,” apparently designed specifically to target military networks.

“The first indication that the Pentagon was dealing with a computer problem came last week, when officials banned the use of external computer flash drives. At the time, officials did not indicate the extent of the attack or the fact that it may have targeted defense systems or posed national security concerns.

“The invasive software, known as agent.btz, has circulated among nongovernmental U.S. computers for months. But only recently has it affected the Pentagon’s networks. It is not clear whether the version responsible for the cyber-intrusion of classified networks is the same as the one affecting other computer systems.”

Since these worms and/or viruses were ostensibly spread via infected flash drives, that would imply that the computers that got infected were running Microsoft Windows, a notoriously insecure and virus-prone computer operating system. While WIndows is the de facto standard in many parts of the world, its historically insecure nature should make it a prime candidate for removal from national security computers. Yes, it would mean a change in how things are done, but the security implications of foreign parties being able to infect U.S. computers with harmful malware should override the “it’s how it’s always been done” inertia. 

Logical alternatives are Mac OS X and Linux. Neither Mac OS X or the many available versions of Linux have ever had a single computer virus. While that will likely change at some point, both systems’ inherently open nature makes it much easier for an effective solution to be developed and rapidly deployed. Also, their openness makes it more difficult for malware writers to make devastating software. This may seem contradictory — how, if a system is wide open, can it be secure? As Bruce Perens wrote,

“The publication of source code actually improves security because the program or operating system can be peer-reviewed by anyone who cares to read it. Many security bugs that are overlooked in other operating systems have been caught and repaired in Linux, because of its extensive peer-review process.”

The very same way that programmers can use “thousands of momentarily-idle workstations together over the Internet and make them all work on the same problem simultaneously” [Perens] not only make sit possible “to create ‘virtual’ supercomputers, at low or no cost,” the same trick makes it possible for malware to seize insecure computer networks and turn them into massive cyber-attack mechanisms, such as what may have hit the U.S. computers in the first referenced story. With Linux or Mac OS X, such attacks would be much less likely to happen. This is not to say they would be impossible, but, given the peer-reviewed nature of the underlying code in both systems, they are much more difficult to create, and can be much more quickly addressed by “good” developers.

On the topic of openness, Linux (and the BSD UNIXes) actually prevail over Mac OS X. If a dreadful cyber-attack succeeds in crippling computers running Mac OS X, we are dependent upon Apple to issue the fix. Hopefully this would happen quickly, but we have seen in the past that it sometimes has taken Apple a relatively long period of time to issue security updates. Linux, on the other hand, is often updated within a matter of hours, not days, weeks, or months. Both security and performance considerations led Lockheed Martin and the United States Navy to implement Linux in a high-performance cluster. It is my hope that the incoming Obama administration will take the implementation of Linux and other open source software under serious consideration as a way to improve our national security.

Advertisements

Author: Jason Haas

Jason is an elected member of the Milwaukee County Board of Supervisors, occasionally moonlights as an amateur gardener, and is a proud father of two, or three, depending on how you do the math.