Last week, security analysts announced two of the most damaging cybersecurity threats on record: Spectre and Meltdown. These threats can expose passwords, log-ins, personal information and intellectual property (IP), tap into secured databases, and collect SSL keys and more. Unlike the Distributed Denial of Service (DDoS) attacks of last October with Mirai, wherein networks were being overloaded to the point of shutdown, the Spectre and Meltdown attacks occur at the processor level and affect just about everyone.
Meltdown specifically affects all Intel microprocessors and a handful of ARM-based microprocessors. It allows a rogue process to read any of your computer's memory, regardless of whether it should be able to or not, even through encryption.
Spectre, however, has a wider reach, affecting all Intel, AMD and ARM processors from 1995 to current ones. These vulnerabilities occur because existing flaws in the processors can be exploited, allowing large amounts of memory, if not all of it, to be “dumped” or reviewed by unapproved users. What makes Spectre so haunting is that these attacks can be initiated on any device type, including desktops, laptops, servers, mobile devices, etc.
This form of attack tricks programs into revealing private data and can even modify the state of a CPU’s data cache for future exploits. Currently, Spectre is somewhat difficult to employ, but if streamlined and/or automated, it could prove disastrous.
According to the Diamond SIS security team, there are about three variations of the Meltdown and Spectre attacks:
- Meltdown: Rogue Data Cache Load – A user can run crafted code and force the CPU to read memory from a cache before an asynchronous permission check occurs.
- Spectre: Bounds Check Bypass & Branch Target Injection – A user who can trigger an out-of-bounds index error in an application can “see” data from another process that’s pulled from the CPU’s virtual memory, and can then create vulnerable code.
- Additionally, an unauthorized user could attach code that will force the CPU to speculatively execute an indirect branch, therefore leaking memory from another process into a CPU cache to then read the contents later on.
Patches & Recovery
Vendors are currently trying to assure customers and mitigate vulnerabilities by releasing patches and updates; however, at this time, there is no patch to “fix” Spectre. In part, this is due to the number of types of processors affected, but also because there are a variety of ways Spectre can be used.
There are patches available for Meltdown-vulnerable processors. However, performance could be affected under certain workloads.
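To check whether those patches are actually active on a given machine, the added example below (not code from Diamond SIS) reads the per-variant status that patched Linux kernels publish and maps it to the three variants listed above. It assumes a Linux host whose kernel exposes /sys/devices/system/cpu/vulnerabilities; the function names and the sample status lines in demo() are constructed for illustration.

```python
from pathlib import Path
import tempfile

# Assumption: Linux kernel with the Meltdown/Spectre reporting interface.
SYSFS = Path("/sys/devices/system/cpu/vulnerabilities")

# Variant names used in the list above -> kernel status file name.
VARIANTS = {
    "Meltdown: Rogue Data Cache Load": "meltdown",
    "Spectre: Bounds Check Bypass": "spectre_v1",
    "Spectre: Branch Target Injection": "spectre_v2",
}

def classify(status):
    """Reduce a kernel status line to one of four states."""
    s = status.strip()
    for prefix, state in (("Not affected", "not_affected"),
                          ("Mitigation", "mitigated"),
                          ("Vulnerable", "vulnerable")):
        if s.startswith(prefix):
            return state
    return "unknown"

def report(base=SYSFS):
    """Return {variant: (state, raw kernel text)} for each variant."""
    out = {}
    for variant, fname in VARIANTS.items():
        try:
            raw = (Path(base) / fname).read_text().strip()
        except OSError:
            # A missing file means the kernel predates the patches (or is not Linux).
            out[variant] = ("unknown", "no status file")
            continue
        out[variant] = (classify(raw), raw)
    return out

def needs_action(rep):
    """Variants that are unpatched or cannot be confirmed as patched."""
    return sorted(v for v, (state, _) in rep.items()
                  if state in ("vulnerable", "unknown"))

def demo():
    """Run report() over constructed sample status files."""
    with tempfile.TemporaryDirectory() as d:
        (Path(d) / "meltdown").write_text("Mitigation: PTI\n")
        (Path(d) / "spectre_v1").write_text("Vulnerable\n")
        return report(d)  # spectre_v2 deliberately absent

if __name__ == "__main__":
    rep = report() if SYSFS.is_dir() else demo()
    for variant, (state, detail) in rep.items():
        print(f"{variant:34} {state:13} {detail}")
    print("needs action:", needs_action(rep))
```

A variant reported as "unknown" is treated as needing action, since a kernel that cannot report its status cannot be confirmed as patched.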
Rest assured, the Diamond SIS team can help you navigate these and future threats through their new Diamond Managed Security Services (DMSS). The DMSS security team has an action plan and has already begun taking steps to mitigate and address the potential customer risks and issues related to Spectre & Meltdown within the hosted platform of Diamond SIS.
For more information on DMSS or other questions, please contact Customer Support or go to DiamondSIS.com. You are also invited to register for our upcoming Cybersecurity webinar on Thursday, January 18th at 12 noon CST by going to: