Over the past week there has been a lot of news coverage regarding security issues known as ‘Meltdown’ and ‘Spectre’. This is a very real issue, which affects individuals and businesses across the globe. There is no need to panic however, as this threat has effectively been present within your ICT infrastructure for many years. Having said that, you can bet that there will be hackers looking to exploit the weakness before it is patched; so, you need to be informed of the facts and the potential impact it can have on your business and data.
What is happening?
Meltdown and Spectre are two separate threats, but they are broadly similar, so we will treat them as one. In summary, a major flaw has been discovered in all Intel, AMD and ARM microprocessors (which are present in most Servers, PCs, Firewalls and Smartphones) that could allow sensitive data, such as passwords and crypto-keys, to be stolen from the machine’s memory via malware, bad websites and malicious attacks.
One of the ways processors are able to perform so fast is to rely on ‘speculative execution’. Effectively they do their best to ‘guess’ which instructions will be executed next, fetch those from memory, and carry them out and 95% of the time they guess correctly. If the CPU guesses wrong, it has to undo the speculatively executed code, and run the actual commands required. Unfortunately, the processors do not completely walk back every step taken when they realise they’ve gone down the wrong path, which leaves remnants of data in their temporary cache that can be accessed later, potentially maliciously.
Can it be fixed?
The good news is that the resolution is a simple one, but the bad news is that the impact on devices could be significant. Microsoft are in the process of releasing patches via a Windows Update, however the patch will effectively stop the processor using speculative execution, thus resulting in up to 30% slower processing speeds. Whether this will have a noticeable impact on day to day productivity will largely depend on what type of processor is installed on the relevant devices and how hard they are being worked. Until the patch is applied, it is impossible to tell.
However, it is imperative that you or your IT department have ensured that your Anti-Virus is up to date and compatible with the patch, as ‘blue screens’ and crashes when applying patches to machines with an incompatible Anti-Virus have been seen.
What needs to be done:
Your IT department or outsourced IT support company should be planning the best way to apply a resolution to you as quickly as possible; but this needs to be performed in a measured fashion that will impact your-day-to-day business operation the least.
They will check that your Firewall firmware up to date, then apply relevant patches to your server(s) and then work with you to ensure that all users get the latest Microsoft updates and apply them to their devices.
While your IT people work on this it is worthwhile reminding your staff:
- To be extra vigilant
- Not to visit any bad websites
- Not to click on any spurious links in emails
- Not to open any attachments from people they do not know or trust
- To report anything suspicious to your IT department immediately.