Two new scary sounding cybersecurity threats are here to disrupt your winter slumber.
If you thought you were safe behind your cozy warm firewall, blissfully secure in the thought that your favourite cloud vendor had offloaded all of your risk onto their robust infrastructure—you might want to sit down.
Two new scary sounding cybersecurity threats—Meltdown and Spectre are here to disrupt your winter slumber. While we might previously have found a duo of malicious exploits to be a special case, these days hacks of this nature are becoming the norm.
As with any breaking cybersecurity news, there is often a “fog of war” that means you need to be vigilant about what you read and how you act. Google has a detailed technical piece and Anandtech wrote up something a little more consumable to get you started.
Meltdown and Spectre are CPU exploits that impact primarily Intel and ARM chips. AMD chips are susceptible to Spectre but not Meltdown. This means that nearly every computer, server, phone, and even IoT device on the planet is at risk.
The exploits allow malicious code executed on one part of a CPU to access information being executed on another part of the CPU. The methods by which a typical hacker could access your CPU requires them to have machine access. For IT departments and homeowners good endpoint protection, like always, is needed. In this way the security risk is no different than others that have come along this week, month, and year. They are a daily occurrence. We also need to ensure our devices are updated, software patched, and security in place.
What makes these latest exploits special is that in a shared environment, where multiple organizations are using the same machine (i.e. the cloud) to build applications, the exploit could be intentionally introduced to hardware directly by a hacker using the service or indirectly by another organization who’s security may not be as good as yours. It is an illustration of the risks of a shared infrastructure and the importance of our shared responsibility in protecting it. The organizations that have the biggest worries include CPU vendors themselves and the big cloud vendors. The true impact is still being assessed as the easy fixes have the potential to degrade the performance of some of their services.
So if the exploit is only usable by those with direct access to the CPU then I am safe, right? Well, not necessarily. As researchers have reported, the Spectre exploit can be run with Javascript, so it is essential to have good protection in place to keep your systems and your users safe—this includes a DNS Firewall to protect against bad links.
Rob brings over 20 years of experience in the technology industry writing, presenting and blogging on subjects as varied as software development tools, silicon reverse engineering, cyber-security and the DNS. An avid product marketer who takes the time to speak to IT professionals with the information and details they need for their jobs.
