Google Cutting Windows OS Doesn't Address Security Problems, Experts Say

Google might be indirectly fingering Microsoft for the Operation Aurora attacks by reducing its internal reliance on Windows operating systems, but security experts say that the alleged move would not address true vulnerabilities that stemmed from users.

According to a Financial Times report Tuesday, Google could be phasing out its internal use of Microsoft's Windows systems, possibly due to consistent critical vulnerabilities in its Windows operating systems that have led to attacks. New hires are now given the option of using Apple Mac or Linux-based computers, the FT said.

Ostensibly, Google's decision to part ways with Microsoft was spurred from a massive malware attack, known as Operation Aurora, which targeted the search engine's network and the systems of more than 30 other high profile corporations.

Aurora was a coordinated attack, executed in January, which exploited a critical vulnerability in Microsoft Internet Explorer. The attack subsequently enabled the hackers to enter the network of Google and more than 30 other corporations and access sensitive company assets such as intellectual property.

Google was already considering a comprehensive platform change, and was starting to encourage users to adopt its impending Chrome OS, however the attacks likely accelerate the decision for an impending operating system overhaul, the FT said.

However, security companies are coming swiftly to Microsoft's defense.

Security experts at McAfee Labs contend that the real source of the Aurora attacks was not technology or the security of the operating system, but instead was linked to the weakness of the targeted users.

Dave Marcus, security research and communications manager at McAfee Labs, said that cyber attackers have the ability to write malware for any operating system, including Mac OS and Linux. No platform is impenetrable, he said.

"It's irrelevant. The ability to write malware for any operating system is easy," Marcus said in a CRN interview. "My whole point is that it doesn’t really matter. The ability to get that information from your targets trumps whatever technology you have."

Marcus said that regardless of what operating system Google was using, attackers would have found some way to infiltrate its network in light of the fact that the action was targeted, as opposed to being a mass distribution attack. The attackers were knowledgeable of the company's operating system and Web browser and were able to create an appropriate attack to serve their needs.

"The attackers who launched Operation Aurora knew their targets well from both corporate and personal viewpoints they knew what their victims were running and what their roles were. The attackers even knew what application versions they used," Marcus said in a blog post Tuesday. "The intel that the attackers gathered to make Operation Aurora work is what made it a success -- not the operating system involved. The targets were people."

Security solution providers maintain that often attacks like Aurora occur when users fail to install patches for Windows or other operating systems or update the latest version of the Web browser in a timely manner.

"Too many companies redefine their timeline to patch deployment that's too long," said David Sockol, CEO of Emagined Secruity based in Santa Clara, Calif. "When something that should be employed in 30 days is taking 180 days to put in place, that's where the problem exists."

Meanwhile, Sockol echoed Marcus' sentiments about what appeared to be a knee jerk reaction on Google's part that would do little to address an underlying problem stemming from lack of user awareness and education.

"There were not just hackers on the side. These were professionals. These were folks who knew what they we doing," Sockol said. "Google has a bit of a challenge ahead of them if they think just changing out the operating system is going to solve the problem."