The recent announcements regarding a design flaw in central processing units (CPU) within computers has sent businesses, PC manufactures and software publishers into a security spin. The two major vulnerabilities aren’t your normal software bugs which steal memory or data, but rather they affect the processors within these devices.
The processors affected are Intel, ARM and AMD which are placed within most devices, including desktops, laptops, mobile devices and servers. While the bugs were found in June 2017, the announcement has only been made this month which allowed software and hardware vendors time to develop security patches.
Apple have stated their smartphone and Mac devices not running the latest iOS update could be affected by the vulnerabilities. Considering there are approximately 1 billion iPhones being used in the world at the time of writing this blog, the opportunity for someone to exploit the vulnerability is immense.
The wider implications of Meltdown and Spectre have seen Microsoft, Amazon and other cloud providers taking their services offline at times to update the systems and mitigate the threat.
How can Spectre and Meltdown affect my business?
Meltdown affects certain Intel and ARM processors by reading the commands contained deep within your processor to snoop for information. It could co-ordinate the command and redirect the data into other non-secure areas of your device or network.
If your business has any PCs, laptops, or if you have remote workers using iPhones, tablet devices or you store information in the cloud, then you could be affected. Even the device you are using to view this blog could be vulnerable to these threats if it’s not been updated within the last few months; that is the severity of the issue.
What should you to do protect your business from Spectre and Meltdown?
- Apply the latest patches to your hardware and firmware as well as running the updates to your anti-virus software
- Ensure staff are warned and vigilant of any issues on their desktops or devices; if anything seems suspicious then report it immediately
- Purchase new hardware devices for your business; a costly option but one that will ensure you aren’t affected by these vulnerabilities
- Backup critical data to an offsite location as a precaution for any current or future threats
As a business, we have taken precautions and we urge you to do the same. If you require any support, swcomms can provide your business with IT support and security solutions to protect your business.