Security

Swapping Linux for Windows in Munich too risky after WannaCry attacks, warn Greens

Munich's Green Party says the recent WannaCry ransomware attacks on Windows machines worldwide highlight the danger of the city abandoning its Linux-based OS.

munich-panorama-620px.jpg

The city of Munich.

Image: Björn Kindler

Open-source pioneer Munich has been warned the city could face increased risk from hackers if it goes ahead with a planned return to Windows.

Munich spent nine years and millions of euros shifting some 15,000 staff to a Linux-based OS and other open-source software, but is now expected to swap Linux for Windows 10 by 2021.

However, Munich's Green Party says the recent WannaCry ransomware attacks on Windows machines worldwide highlight how much more of a target Microsoft's OS is for hackers than Linux-based operating systems.

"As with many of the biggest attacks, the computers that were mainly hit were running the Windows operating system," the Green Party said in a statement.

In light of the volume of attacks on Windows, Dr Florian Roth, leader of the Green Party in Munich, said that abandoning a Linux-based OS makes little sense.

"It seems very strange to change from a stable and secure platform to a system that's attacked more often and more effectively," he said, adding, "it is particularly important that we keep the risk of such an attack as low as possible".

Don't miss: Munich: The journey from Windows to Linux and back again (free PDF)

Roth points out that even existing mayor Dieter Reiter, whose SPD party recently backed the return to Windows, has previously said that Microsoft products are a more attractive target for malware than Linux systems, due in part to the much wider use of Windows PCs.

The Green Party is now calling on mayor Reiter to assess whether the danger to the municipality from malware would increase if the authority were to return to Windows. The city council says it will respond to the Greens' request in the coming weeks.

The WannaCry ransomware epidemic hit over 300,000 PCs in 150 countries around the globe, using worm-like capabilities to spread and infect Microsoft Windows machines. Computer systems were knocked offline in hospitals across England, European car plants, in Russian banks and Chinese schools and colleges.

The Windows vulnerability that WannaCry exploited was patched by Microsoft in March this year, with it later emerging that most of the infected machines were unpatched Windows 7 PCs.

Last month, TechRepublic's Jack Wallen argued that the WannaCry attacks "make an easy case for Linux", saying that "by design, Linux is far less susceptible to the likes of WannaCrypt than is Windows".

The broader argument about the relative security of open-source versus proprietary software has raged for many years.

In 2014, the CESG, a department of the UK's GCHQ intelligence agency that advises UK government on IT security, assessed the Linux-based Ubuntu 12.04 to be more secure than other Windows and mobile OSes available at the time. In 2013 Dr Ian Levy, then technical director with the CESG, said there was "no objective evidence either way" supporting proprietary or open-source software as being more secure.

Microsoft has not yet responded to a request for comment, but has previously described Windows 10 as "the most secure version of Windows".

Within Munich, there is support among the city's ruling SPD-CSU coalition for phasing out the use of open-source software, and the council took the first step back towards Windows 10 earlier this year.

However, in March the man in charge of Munich's central IT provider, IT@M, said there is no technical reason to switch back to Windows.

Munich's administration is investigating how long it would take and how much it would cost to build a Windows 10 client for use by the city's employees.

Once this work is complete, the council will vote again on whether this Windows client should replace LiMux, a custom version of the Linux-based OS Ubuntu, across the authority from 2021.

Read more on Windows and Munich...

About Nick Heath

Nick Heath is chief reporter for TechRepublic. He writes about the technology that IT decision makers need to know about, and the latest happenings in the European tech scene.

Editor's Picks

Free Newsletters, In your Inbox