As perhaps the most widely used computing tool in the workplace, Windows remains a huge target for hackers of all kinds. Criminals are always trying to uncover vulnerabilities in the operating system, but this time around, Microsoft has truly outdone itself. Windows 10’s built-in security, according to hackers at the Black Hat conference in Las Vegas, allows for the most secure Windows operating system in several years.
In comparison to its previous incarnations, Windows 10 is much more difficult to break into. That hasn’t stopped some hackers from trying, though. Among the Black Hat hackers at the convention were many who had tried to pinpoint potential outlets for malicious threats. While they still managed to come up with a couple of solutions, it became clear that Windows 10 is much more challenging for hackers to infiltrate. Below are a few of the proposed attack models, and how Windows 10 challenges them.
Windows 10 Uses Built-In Anti-Malware Tools
Windows 10 uses what’s called the Antimalware Scan Interface (AMSI), which is capable of identifying and capturing malicious scripts in memory. The idea is that applications can access this information, and any antivirus or anti-malware program can process it. For example, Windows Defender and AVG use AMSI. The reason this is such a huge problem for hackers is that many prefer to use script-based attacks. The kicker here is that while AMSI is a valuable tool to detect and prevent attacks, it requires a secondary security protocol to be most effective. It’s great for detecting scripts executed in PowerShell, since PowerShell records logs, but someone still has to monitor those logs regularly.
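One way to do the regular log review described above, as an added example that is not part of the original article. It assumes PowerShell script block logging events (ID 4104) in the Microsoft-Windows-PowerShell/Operational log; the function names are hypothetical and the sample records are constructed so the script runs without a live log.

```powershell
# Added example. Get-FlaggedScriptBlock and New-SampleRecord are hypothetical names.
# Large scripts are logged as several 4104 events; rebuild them by ScriptBlockId.
function Get-FlaggedScriptBlock {
    param([Parameter(Mandatory, ValueFromPipeline)] $Record)
    begin { $blocks = @{} }
    process {
        if ($Record.Id -ne 4104) { return }
        # Event 4104 fields, in order: MessageNumber, MessageTotal,
        # ScriptBlockText, ScriptBlockId, Path
        $p  = $Record.Properties
        $id = [string]$p[3].Value
        if (-not $blocks.ContainsKey($id)) {
            $blocks[$id] = @{ Time = $Record.TimeCreated; Path = $p[4].Value
                              Total = [int]$p[1].Value; Flagged = $false; Chunks = @{} }
        }
        $blocks[$id].Chunks[[int]$p[0].Value] = [string]$p[2].Value
        # Level 3 = Warning: PowerShell logs a block at this level when it
        # contains terms on its built-in suspicious list
        if ($Record.Level -eq 3) { $blocks[$id].Flagged = $true }
    }
    end {
        foreach ($id in $blocks.Keys) {
            $b = $blocks[$id]
            if (-not $b.Flagged) { continue }
            $text = ($b.Chunks.Keys | Sort-Object | ForEach-Object { $b.Chunks[$_] }) -join ''
            [pscustomobject]@{
                Time = $b.Time; ScriptBlockId = $id; Path = $b.Path
                Complete = ($b.Chunks.Count -eq $b.Total)   # false if a chunk is missing
                Text = $text
            }
        }
    }
}

# Constructed sample records shaped like Get-WinEvent output (benign placeholder text).
function New-SampleRecord($n, $total, $text, $id, $level) {
    [pscustomobject]@{
        Id = 4104; Level = $level; TimeCreated = Get-Date
        Properties = @($n, $total, $text, $id, '') | ForEach-Object { [pscustomobject]@{ Value = $_ } }
    }
}
$sample = @(
    (New-SampleRecord 2 2 'Write-Output "second half"' 'aaaa-constructed' 3),
    (New-SampleRecord 1 2 'Write-Output "first half"; ' 'aaaa-constructed' 3),
    (New-SampleRecord 1 1 'Get-Date' 'bbbb-constructed' 5)
)
$sample | Get-FlaggedScriptBlock | Format-List
```

On a live host, replace `$sample` with `Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-PowerShell/Operational'; Id = 4104 }`, run from an account allowed to read that log.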
Active Directory
Active Directory is a crucial part of how Windows administration functions, and is useful for both managing workloads in the cloud, and controlling identity and authentication management on in-house networks. Microsoft Azure uses Active Directory, which can provide exceptional security for an Azure-based cloud computing platform. The problem that admins run into in most circumstances is that any user account can access Active Directory, unless the administrator removes those permissions. Therefore, it falls to your IT administrators to ensure the credentials for your Active Directory authentication are secured, and to control user permissions to mitigate potential access to AD.
Virtualization
Virtualization-based security is a series of security features that are built into the hypervisor of Windows 10. In essence, Hyper-V can create a virtual machine that isn’t connected to the root partition. This virtual machine can then execute security commands as needed. The idea here is that Hyper-V creates a virtual machine that can’t be compromised, even if the root partition has been taken over. It’s a way of minimizing the extent of data breaches, should they happen in the first place. Of course, if the root contains credentials that allow hackers to access the virtual machine, it’s all over. Therefore, administrators need to take measures to ensure that hackers cannot access the VBS machine.
Of course, no matter how secure an OS is, hackers will always find a way to get in. One way or another, criminals who are determined to bypass defenses will create a way to do so. Microsoft patches known vulnerabilities as soon as they’re discovered to be active, so it comes down to outplaying the opponent. Hackers will inevitably find ways to crack Windows 10’s innate security, so it’s your responsibility to complement your OS’s security with your own solutions.
If you need assistance securing your Windows 10 devices, or any other workstations, servers, or network components, reach out to SMART Services at 586 258-0650.