Saving Your Business From Meltdown and Spectre
For several weeks, the IT community has been in a flurry trying to contain the damage caused by two hardware bugs: Meltdown and Spectre.
Meltdown and Spectre differ from other attacks in that they aren’t confined to a single operating system (OS), device or program. And because they exploit vulnerabilities in modern processors, they’re harder to control and fix.
Fundamentally, the two issues work differently, but to reach the same goal. Meltdown breaks the barriers between user programs and the computer’s operating system, which allows individual programs to access your computer’s memory. Spectre, on the other hand, breaks down the barriers between individual applications and allows attackers to trick otherwise secure applications into spilling their secrets.
Both exploits take advantage of a common process called speculative execution, which allows computers to perform multiple tasks at once without compromising processing speed. This process is used by the vast majority, if not all, of desktop and mobile devices created after 1995. All processors implement speculative execution in different ways, but all use it in some form or fashion. No one processor is immune.
What this means for you
It is nearly impossible to know whether or not you’ve been affected, as Meltdown and Spectre leave no trace in traditional log files. It is certainly within reasonable expectations, though, to assume that your system has been compromised.
The good news is that there are patches being developed and released to fix the vulnerabilities that Meltdown exploits. The bad news is that they can cause your machines to function up to 30 percent slower, or, in some cases, not at all.
It will be years before we will be rid of Spectre. It will take a new generation of microprocessors to completely subdue the flaw. And while some software patches mitigate known effects of Spectre, it won’t be gone for several years.
The best advice we can give is to implement the software patches that purportedly fix the Meltdown vulnerabilities, while maintaining a strict backup policy. If one patch results in a loss of data, you’ll want the option to restore it.
There’s no good solution right now, and we have a long way to go before we see one. If you suspect your network has been compromised, contact your IT team for next steps.