Security researchers recently discovered a hardware information flaw in computer processors across millions of devices, allowing access to your machines’ deepest inner workings and compromising your privileged information. Initial reports alluded to a single vulnerability, a flaw in Intel chips, but there are two: “Spectre” and “Meltdown.”
Everyone is at risk. These vulnerabilities affect all devices running the flawed processors, including desktops, laptops, mobile phones and infrastructure utilized by cloud service providers — the majority of today’s systems. This exclusive CyZen article brings these two potentially devastating vulnerabilities into focus and provides actionable steps to help you safeguard your personal information.
WHAT MAKES SPECTRE AND MELTDOWN SO INSIDIOUS?
Spectre and Meltdown exploit the side effects of a process known as speculative execution — a performance optimization technique in which a computer system tries to predict executed instructions.
What makes these two vulnerabilities so devastating is that they are hardware-based flaws that allow access to sensitive information, affecting practically all computing devices. Hardware flaws are notoriously difficult to fix completely since that would involve a recall, which is not feasible given the number of processors affected.
Both vulnerabilities allow hackers to spy on confidential data in different ways. Spectre tricks processors into executing code it normally would not — allowing access to privileged data stored in other programs’ memory space. Meltdown’s distressing capabilities “melt away” the protective border between programs and the operating system. This allows an attacker to gain access to sensitive information that resides in computers’ supposedly protected memory.
IMMEDIATE ACTION YOU CAN TAKE
First, do not panic. While the Spectre and Meltdown vulnerabilities are significant, attackers typically exploit low hanging fruit first. Since these vulnerabilities affect a large number of devices, they do make an attractive flaw for attackers to exploit.
While the steps below may vary by industry, company and frameworks, they are a good benchmark for establishing your “cyber hygiene” routine to increase your environment’s resiliency and mitigate the impact from most emerging threats:
- Ensure your systems are fully patched and updated
- Ensure you have malware detection/prevention software installed and updated on your system
- Limit the number of administrative accounts (i.e. not everyone in your organization requires local administrative privileges to their device)
- Monitor the use of administrative accounts to detect suspicious or malicious activities
- For home computers, create a non-privileged or non-administrator account to perform your normal actions on the device (surfing, document processing etc…). Only use your Administrator account to install required software or make changes to the system
- Actively scan your systems for existing vulnerabilities
- Perform an annual penetration test to identify vulnerabilities and measure the impact of exploiting those vulnerabilities
- Conduct table top exercises to assess and validate security processes
- Conduct simulation exercises such as Spearphishing campaigns to measure user awareness regarding emerging cyber security threats
HOW WE CAN HELP
For guidance on how to safeguard yourself from these and other emerging cyber threats and to optimize your current operating systems, contact Will Mendez wmendez@FriedmanCyZen.com or your CyZen cyber security advisor.