The roller-coaster that is Meltdown and Spectre has been a unique ride, and doesn’t appear to be over. But there is more to take away from this story than a prolific vulnerability.
The security world stood in shock and awe early this year as news of Spectre and Meltdown began circulating. These vulnerabilities affect how operating systems interact with a computer’s CPU. They affect all major brands of CPU (Intel, AMD, ARM), on every platform (Mac, Windows, and Linux), since 1995. This alone is interesting – but wait, there’s more.
The initial patches published by manufacturers had sprawling performance impacts – up to 30% in some instances. Systems hosting virtual machines were particularly affected. Customers of cloud-based hosting platforms reported outages and noticeable performance issues. Some manufacturers have recommended NOT applying the initial patch while they research a better solution to this problem. This is more interesting – but wait, there’s even more!
Security researchers from Fortinet have collected over 100 unique samples of malware attempting to exploit the Meltdown and Spectre vulnerabilities. Compared against previous vulnerabilities of similar impact (WannaCry and NotPetya), a very discouraging trend emerges: the speed at which malicious actors (aka hackers) are adopting and exploiting new vulnerabilities is increasing. This is VERY interesting.
How does this impact the average Joe computer user? The time between a vulnerability’s discovery and its patch is usually short, on the order of days. In this case, some vendors are still working on a patch. At the same time, the bad guys are weaponizing exploits FASTER than the vendors can patch them!
The best protection from Spectre and Meltdown attacks is the same as for any other attack – good cyber hygiene. Ensure operating systems and applications have the latest updates. Be very cautious of emails containing links or attachments, even if they appear to be from a known source such as your bank or a family member. An ounce of prevention is worth a pound of cure!
About McCann Global:
In today’s complex legal cases, evidence is rarely singularly digital or traditional, but begins in one realm and quickly crosses over into the other. The days of an investigation involving merely taking statements and photocopying documents are all but things of the past. Modern evidence gathering requires the agility to go where the evidence leads, no matter the source.
This not only means overcoming the challenge of understanding the ever-evolving web of digital evidence, but owning the entire evidentiary space: the nexus of both the digital and the non-digital.
McCann Cyber runs the table in this space. We either have the digital or traditional expert you need on staff, or we know that expert... personally. McCann operates its own dedicated state-of-the-art digital forensics lab, staffed with certified technicians, supplemented with a former cyber prosecutor, veteran law enforcement investigators, government cybersecurity experts, and certified fraud examiners. McCann is the only turnkey solution for the gathering, processing, analyzing, and reporting of all types of evidence, no matter the source. Our team, drawn from both government service and private industry, has the resources, knowledge, and experience to provide expert testimony ensuring the evidence is both relevant and defensible in all proceedings.
McCann Cyber IS that nexus.