23 May 2018
Nathan DeSutter
New Spectre Attack

Another variant of the Meltdown and Spectre bugs has been detected. Beyond just versions or variants of the original, these are new vulnerabilities. The cause is the same: a feature found in all modern CPUs, designed to control performance, can be exploited to give an attacker access to privileged data beyond trust boundaries.

What does this mean to you?
Depends. Do you use shared or cloud servers? Then you're subject to data theft. More below.

If your servers are on-prem (your metal, your gear, your stuff) and not shared, then you're fine. Move on until the next ransomware variant. Stay updated, keep staff cybersecurity training at the top of the agenda, and make sure your IT security systems are up to snuff.

If you're using any kind of cloud or shared hosted server that has a modern-day CPU, then you're absolutely vulnerable (Azure, AWS, Office 365, shared hosted servers, etc.).

In a nutshell, this bug allows an attacker to see data passing through the CPU which they are not privileged to see. Remember that on a cloud or shared host, you're sharing the same server metal, CPU, memory, and all the other hardware used to provision your data, ERP, email, or whatever else you have in the cloud. At any given point in time, data is passing through the CPU for any number of other customers. One millisecond a CPA's financial projections are being calculated, the next millisecond electronic medical records are being read, then your M&A agreement hits the CPU, or the passwords to your financial institution. That data is supposed to be accessible only by you. But with Spectre, the attacker can actually read buffer data outside their sandbox and peer right into your bits and bytes.

So for some this is no big deal. It would take a direct, sophisticated exploit to read someone else's data. But for others this poses a massive public exposure of confidential data, with possible financial or PR ramifications to start.

What to do?
Get it patched. Make sure you have a close relationship with your cloud or hosted server provider and find out if they have patched this bug. In the last round, in Jan 2018 when Spectre and Meltdown were first discovered, Amazon and Azure forced the update to all servers. That was great, but it did cause an uncontrolled outage window. So be aware. Advise your team of the impact. Consider engaging your customers to inform them of the impact on the services you provide.
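For Linux servers and cloud guests you manage yourself, the kernel reports its own mitigation status. The script below is an added example, not part of the original post; the function names are hypothetical and the sample files are constructed so it runs anywhere.

```shell
#!/bin/sh
# Added example (not from the original post): summarise what a Linux kernel
# reports about Meltdown/Spectre mitigations. Real path on patched kernels:
VULN_DIR=/sys/devices/system/cpu/vulnerabilities

# classify_status TEXT -> ok | mitigated | VULNERABLE | unknown
classify_status() {
    case "$1" in
        "Not affected"*) echo ok ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo VULNERABLE ;;
        *)               echo unknown ;;
    esac
}

# report_mitigations DIR -> prints "name: verdict (kernel text)" per entry.
# Returns 0 if nothing is vulnerable, 1 if any entry is, 2 if DIR is missing
# (kernel too old to report, or not Linux).
report_mitigations() {
    vdir=$1
    if [ ! -d "$vdir" ]; then
        echo "no mitigation report at $vdir"
        return 2
    fi
    worst=0
    for entry in "$vdir"/*; do
        [ -f "$entry" ] || continue
        text=$(cat "$entry")
        verdict=$(classify_status "$text")
        if [ "$verdict" = VULNERABLE ]; then worst=1; fi
        printf '%s: %s (%s)\n' "$(basename "$entry")" "$verdict" "$text"
    done
    return "$worst"
}

# Demo on constructed sample files so the script runs anywhere; on a real
# server call: report_mitigations "$VULN_DIR"
demo=$(mktemp -d)
echo "Mitigation: PTI"                         > "$demo/meltdown"
echo "Mitigation: __user pointer sanitization" > "$demo/spectre_v1"
echo "Vulnerable"                              > "$demo/spectre_v2"
report_mitigations "$demo" || echo "=> at least one issue is unmitigated"
rm -rf "$demo"
```

This shows only the guest kernel's view; whether the host hardware underneath is patched is still a question for the provider.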

For the most part, it's rather unlikely that you'll be affected. But this is a hard-to-pass-up offer for a cyber criminal or hacker looking to cause havoc.

Stay alert to any private data finding its way into the wild. Consider Google Alerts, which works great for this.

Some of these details come from the original source, found here: https://spectreattack.com/

Happy Clicking!

Nathan DeSutter
IT Consultant
