
Meltdown and Spectre: what you need to know

“Had these threats been overlooked, there’s really no telling how much disaster these security breaches would have caused in terms of potential loss of sensitive data.” Jill, Council of Europe IT expert.

 

At the beginning of 2018, research was published revealing that nearly every computer chip that has been manufactured over the last 20 years contains fundamental security flaws. Specific variations on those flaws were called Meltdown and Spectre. These flaws came from certain features that are built into chips to help them run faster. While there are software patches available to remedy the issue, it’s important to note that they could negatively impact system performance. It is also worth noting that should these flaws be exploited, the intrusion could prove very hard to detect. Security experts have called the problem “catastrophic”, given the fundamental nature of these flaws and the widespread nature of the problem.

 

So how exactly do Spectre and Meltdown work?

In a nutshell, Spectre and Meltdown exploit critical vulnerabilities in modern processors, allowing programs to steal data that is currently being processed on the computer. Even though programs aren’t typically permitted to read data from other programs, malware can exploit Meltdown and Spectre to get hold of secret data stored in the memory of other running programs.

 

How can these vulnerabilities affect you personally or harm your business?

Meltdown and Spectre can lead to your data being stolen or hijacked by ransomware, resulting in the loss of passwords stored in a keychain, password manager or browser, as well as personal photos, emails, instant messages and sensitive business documents.

The Meltdown and Spectre vulnerabilities affect personal and business computers, mobile devices and the cloud.

In an interview with HashKey InfoSec, Jill, an IT expert working with the Council of Europe in Strasbourg, France, recalls how his department came across that particular issue a few months ago.

“We were first made aware of the Spectre and Meltdown threat through security bulletins, detection from our own anti-virus software and because we’re constantly scanning various online security forums for information.

Usually, the first person to become aware of problems like these is the Chief Information Security Officer (CISO), whose job it is to be aware of all security problems that the institution may face.

Obviously the issue was addressed and appropriate measures taken. Had these threats been overlooked, there’s really no telling how much disaster these security breaches would have caused in terms of loss of sensitive data.

When it comes to facing issues like these, the Council of Europe deals with the same type of security risks any other business faces on a daily basis. The list of security threats we have to anticipate is constantly updated in order to limit our exposure to critical threats to the data and the systems we work to keep secure.”

 

The breakdown / digging deeper

Meltdown: this vulnerability breaks down the most fundamental isolation between user applications and the operating system. The attack enables a program to access the memory, and with it the sensitive or secret data, of other programs and of the operating system.

Spectre: this vulnerability breaks the isolation between different applications, enabling attackers to trick error-free programs into leaking their most sensitive data. Programs that follow best safety practices are likely to be attacked too, since the safety checks they use increase the attack surface and may make applications more susceptible to Spectre.

 

How can I protect myself, my family and my business from the serious data breaches associated with these security flaws?

If you’re using a computer that has a vulnerable processor and is running an unpatched operating system, your sensitive data is at risk. Contact a cyber security professional to scan your systems for any breaches you may not have noticed and install the appropriate security updates.
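To see whether a given Linux machine is patched, the kernel itself reports its status for each flaw. The script below is an added example, not part of the original article; it assumes a Linux kernel recent enough to expose `/sys/devices/system/cpu/vulnerabilities`, and the function names and the sample directory are made up for illustration.

```shell
#!/bin/sh
# Added example: summarise Meltdown/Spectre patch status as reported by the
# Linux kernel. Function names are illustrative, not from any existing tool.

VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# classify_status STRING -> prints OK, PATCHED, AT-RISK or UNKNOWN
classify_status() {
    case "$1" in
        "Not affected"*) echo "OK" ;;        # CPU does not have the flaw
        "Mitigation:"*)  echo "PATCHED" ;;   # flaw present, mitigation active
        "Vulnerable"*)   echo "AT-RISK" ;;   # flaw present, no (or partial) fix
        *)               echo "UNKNOWN" ;;   # empty or unrecognised report
    esac
}

# check_cpu_flaws [DIR] -> one line per flaw; returns 1 unless all are OK/PATCHED
check_cpu_flaws() {
    dir="${1:-$VULN_DIR_DEFAULT}"
    rc=0
    for flaw in meltdown spectre_v1 spectre_v2; do
        if [ -r "$dir/$flaw" ]; then
            status=$(cat "$dir/$flaw")
        else
            status=""   # no file: the kernel predates this reporting interface
        fi
        verdict=$(classify_status "$status")
        printf '%-11s %-8s %s\n' "$flaw" "$verdict" "${status:-<no kernel report>}"
        case "$verdict" in
            OK|PATCHED) ;;
            *) rc=1 ;;   # treat "unknown" as needing attention, not as safe
        esac
    done
    return "$rc"
}

# Constructed sample directory (not taken from a real machine): Meltdown
# patched, Spectre v2 unpatched, Spectre v1 not reported at all.
demo_dir() {
    d=$(mktemp -d)
    printf 'Mitigation: PTI\n' > "$d/meltdown"
    printf 'Vulnerable\n' > "$d/spectre_v2"
    echo "$d"
}

# Usage on a real host:    check_cpu_flaws
# Usage on sample data:    check_cpu_flaws "$(demo_dir)"
```

A missing report is counted as a failure on purpose: an old kernel that cannot say whether it is patched should be updated, not assumed safe.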

Bear in mind that, because of the differences between the two flaws, Spectre is harder to exploit than Meltdown, but a successful Spectre exploitation is also harder to mitigate. Again, these exploitations can be avoided by having a professional inspect your systems.