How to Protect Yourself from Spectre & Meltdown

    Posted 1/18/2018 by Garett Chipman in Network Security


    From WannaCry to Heartbleed, hardly an industry was spared in 2017 as sensitive corporate and consumer data was fervently stolen by hackers.

    Two new threats, known as Spectre and Meltdown, are different from those that dominated last year's headlines as they have not, as of yet, been exploited by hackers. With the information I'm going to provide, you'll be able to protect yourself and improve your network security efficiently.

    What Are Spectre & Meltdown?

    These potentially devastating bugs were discovered by Jann Horn, who is part of a group of security analysts at Google tasked with finding unknown cybersecurity vulnerabilities.

    Horn conducted tests that showed that "an attack running on one virtual machine was able to access the physical memory of the host machine and through that gain read access to the memory of a different virtual machine running on the same host." This would be unthinkable under normal circumstances and signaled a severe breach of a computer's most fundamental security protocols.

    At their core, Spectre and Meltdown are bugs found in processing chips, including those made by Intel, AMD and ARM Holdings. Processors that use a CPU feature called "speculative execution," which helps the processors run faster, can be exploited. These bugs allow unauthorized processes to access the most sensitive data on a device, including passwords, encryption keys, and even kernels, which are the heart of any operating system.

    Security magazine reports that a hacker attack occurs, on average, once every 39 seconds.

    Spectre affects the type of chips found in smartphones, tablets, and computers, while Meltdown, more dangerous because of its kernel-reading capabilities, targets laptops, desktops and computer servers.

    Given the widespread use of processing chips with these bugs, the vast majority of devices and browsers are impacted. All iOS devices (excluding the Apple Watch) and browsers are affected, as well as Android, Microsoft devices and a whole spectrum of web browsers ranging from Chrome to Safari and Firefox.

    Also, Amazon, Microsoft, and Google all have cloud storage services. Using the Meltdown bug, all someone would have to do to gain immediate access to the data of countless cloud users is upload an application to the same shared remote server.

    How Microsoft, Apple, Google & Other Tech Giants Respond

    All three tech giants have issued patches, updates or defensive recommendations to help combat both Spectre and Meltdown.

    Microsoft released an emergency update to address the vulnerabilities in the Windows operating system. However, the updates seem to conflict with some antivirus software, resulting in the much-hated "blue screen of death" or BSOD.

    A unique key has been distributed to anti-virus vendors to aid Microsoft in safely downloading and installing the update. Patches have also been released for Chrome, Firefox, and Safari.

    While these threats are being addressed via patching, the issue is actually in the way the chipsets are manufactured. Therefore, older chipsets remain vulnerable and should ideally be replaced. Because there is currently no existing tech that solves all issues, the industry is waiting until newer tech is deemed viable before making recommendations on replacement chipsets.

    What Can You Do?

    People often ignore updates to their software, anti-virus or operating systems. But doing so leaves you vulnerable to threats like Spectre and Meltdown.

    I recommend using an ad-blocker like uBlock Origin, as malicious code can, and often does, appear on even the most popular websites.

    Regularly change passwords for accounts that house sensitive data like banking, credit card or email accounts and only download updates directly from the manufacturer. You should never click on or download any "update" that comes in the form of an email.

    Although these threats are being addressed via patching, since the issue is due to the way the chipsets were manufactured, older chipsets remain vulnerable and should ideally be replaced.

    Since there is currently no existing tech that solves all issues, the industry is waiting until newer tech is deemed viable before making recommendations on replacement chipsets.
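To confirm that the patching advice above actually took effect on a Linux host, the kernel's own status files can be read and summarized. This is an added example, not part of the original post, and it covers Linux, which the post does not discuss; it assumes a kernel that exposes `/sys/devices/system/cpu/vulnerabilities`, and the function names `classify_status` and `spectre_report` are hypothetical.

```shell
#!/bin/sh
# Added example: summarize the Linux kernel's Spectre/Meltdown status files.
# Patched kernels expose one text file per issue under this directory.
VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# classify_status TEXT
# Prints one of: not_affected, mitigated, vulnerable, unknown.
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# spectre_report [DIR]
# Prints "<issue> <class> <raw kernel text>" for each issue.
# Exit status: 0 = every issue mitigated or not affected,
#              1 = at least one issue vulnerable or unknown,
#              2 = status directory missing (kernel does not report status).
spectre_report() {
    dir=${1:-$VULN_DIR_DEFAULT}
    if [ ! -d "$dir" ]; then
        echo "no status directory at $dir: kernel does not report mitigation status"
        return 2
    fi
    rc=0
    for issue in meltdown spectre_v1 spectre_v2; do
        if [ -r "$dir/$issue" ]; then
            raw=$(head -n 1 "$dir/$issue")
        else
            raw="(file missing)"
        fi
        class=$(classify_status "$raw")
        case "$class" in vulnerable|unknown) rc=1 ;; esac
        printf '%s %s %s\n' "$issue" "$class" "$raw"
    done
    return $rc
}

# Check the live system, or a directory given as the first argument.
spectre_report "${1:-}" || echo "action needed: install vendor kernel and firmware updates"
```

A non-zero result from `spectre_report` is suitable for a fleet-wide compliance check, since it fails closed when a status file is missing or unreadable.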

    Conclusion

    According to Small Business Trends, 43% of all cyber attacks target small businesses.

    With Spectre and Meltdown affecting so many devices and browsers, hackers have a lot of opportunities to get their hands on valuable corporate and consumer data. Companies like Google, Apple, Microsoft, and Amazon have issued necessary countermeasures.

    However, these defenses are only useful if businesses and consumers are adequately educated about the dangers of Spectre and Meltdown and take the appropriate steps to mitigate them.

    While it will likely take years to eliminate the threat of these bugs entirely, businesses like yours can take action now to protect themselves and the clients they serve.