The West should prepare for further cyberattacks

Oxblood Ruffin
Oxblood Ruffin, of Cult of the Dead Cow hacking collective, and Hacktivismo

TechRadar is delighted to welcome writer and human rights activist Oxblood Ruffin as regular columnist, covering cyber- and infowar.

In December 2001 I wrote an article entitled, 'Microsoft, terrorism, and computer security'. I stated that, "Microsoft is not, of course, a terrorist organisation. But its ubiquity on the desktop coupled with its poor track record in network security is a tested formula for international disaster."

My central thesis was that Microsoft's security model was so weak that it was only a matter of time until it would be exploited by jihadists. And while an Islamist tsunami of cyber-carnage has not exactly followed, I was not entirely wrong, either.

In March of this year a research group at the University of Toronto issued a report demonstrating that a vast spy network, code-named GhostNet, had looted sensitive information from thousands of computers in 103 countries. The majority of GhostNet's control servers were located in China.

Classified data was purloined from the private office of the Dalai Lama and various international government offices, among others. The machines affected were all running Microsoft operating systems.

Overrun with RATs

The core technology behind these intrusions was a Remote Access Terminal, or RAT. When loaded onto a victim's computer it has virtual control over the machine and is often never detected. RATs can upload or download files, scour and send email, and even control the webcam.

As a member of the group that invented the first deliberately exploitive remote access terminal in 1998, I am amazed that our invention is so effective at this late date.

Microsoft is still the dominant force on the desktop, laptop, and netbook. It is found in private homes, enterprise and government networks. And it is as vulnerable as it ever was.

This is not to say that Microsoft has made no improvements to secure its software. To be fair, it has. But the exponential number of machines running older MS operating systems, coupled with the threadbare security procedures in many institutions, has brought the chickens home to roost.

And then there is this game changer.

According to recent press reports, China has deployed a secure operating system named 'Kylin'. It is being used on government and military servers and is intended to be impenetrable to the American military. However, Kylin is not exactly fresh news. It has been around since 2004, with Lenovo acting as a development partner.

As the West waits

While the West has been dithering over cybersecurity for the past decade, China has been busy developing a demonstrably better platform, under the radar.

In July of this year, China surpassed the US in numbers of internet users. In spite of the global economic downturn, its economy is booming by Western standards.

And there is the matter of Chinese nationalism, especially popular with technically savvy youth. There are plenty of hackers in China and they're only becoming more determined.

The West is in the process of being humbled, and the University of Toronto's "GhostNet" report is just the tip of the iceberg.

President Obama's cybersecurity advisor, Melissa Hathaway, has called for cooperation between the public and private sectors.

She's got her work cut out for her, Microsoft notwithstanding.


Oxblood Ruffin is a Canadian writer and human rights activist based in Munich, Germany. He is a member of the Cult of the Dead Cow hacking collective, and Executive Director of Hacktivismo, an international group of hackers that develops circumvention technologies for users living behind national firewalls. Oxblood is a founding member of the Dharamsala Information Technology Group in Dharamsala, India, and has spoken at the University of Oregon, Yale, and Harvard law schools on cybercrime and free speech issues. Follow Oxblood on Twitter at