Meltdown and Spectre :: What do I need to know?
As IT professionals, we expect security issues and patches; it's a way of life in the ongoing war against hackers. I'm not really sure who is to blame for this new global threat, and I mean a truly global threat, from two really large security holes that affect every single person using any device that connects to the Internet. In my 27-year career, I believe this to be the single largest security issue to date. Can anyone remember a security threat that affected every device with a CPU made since 1996? Phones, tablets, laptops, Apple, Microsoft, iOS and Android!
What’s really crazy about this is that there is no real clear fix other than replacing every device out there or continued Band-Aid patches to fix what hackers will exploit. I’m not trying to scare anyone, but I can tell you as an IT professional, this is pretty scary. Most people are hardly aware of how many different ways our information is stolen now, or how easy it is to fool the average user into falling for a phishing email, or mistyping a common website name and getting redirected to an infected website. User online behavior is still our biggest obstacle in security because very few firms invest in employee education for best practices and threat prevention.
I want to share a few slides from some of the cyber-security seminars I attended last year, and I realize that none of this takes into account the new threats posed by Meltdown and Spectre:
The most common ransomware is bypassing traditional security precautions and safeguards because users are uneducated on detecting how it is spread. We patch, we protect, we firewall. A single user can bypass all of this with a single click on a phishing email. Now it's behind the firewall, looking for more victims on the file shares and mapped drives on the LAN. In less than an hour, public and user-specific shares are compromised.
An even bigger issue is the security of cloud file-sharing services like Dropbox. Let me give you some real-world examples that have actually happened:
"I use an Apple Mac so I don’t have to worry about those kinds of threats!"
Wrong: An employee has a Mac at home which has Dropbox installed to share work between the home and work computers. The work computer has Windows installed, as 95% of companies do. The employee downloads and reads a PDF file sent from a trusted friend on the Mac and saves it to Dropbox to access it from work. The Mac has no software designed to look for and protect against infected PDFs, so it cannot scan or detect the presence of Windows-based malware or ransomware. The employee gets to the office and opens it to read it, instantly infecting the work machine’s memory (these no longer need to be programs, as they can use live memory to create connections and download virus payloads from direct memory), which installs a malware or Trojan payload and gives the hacker access to the machine and the network it's attached to.
This is happening every day, and the best prevention in addition to mainstream protections is: User Education and Daily Backups.
Why are employers not investing more time and resources in this? That is the BILLION $$$ question. Employers, your wake-up call is now! This is something every employer should be doing to safeguard your business and your clients. I have spent the last year doing free seminars for small business owners in the Houston area as well as presenting to parents, children and students about this topic. If you do not have this in your budget for 2018, add it now!
What can you do to protect yourself?
Here are the simple basics of protection against most of today's threats:
- Use a good cloud-based protection suite like those available from Bitdefender and AVG that includes Browser Protection and Active memory scanning. Bitdefender has a great Ransomware protection product included that I highly recommend. Update this software every day before updating your system.
- If you have a Mac, the above providers have solutions to protect Macs, PCs, Phones and Tablets (iOS and Android) from known threats.
- Services like Dropbox and OneDrive are file sharing services, not backup solutions. Purchase a 2TB USB drive and use a backup solution that copies your backup to that drive daily, then disconnect it (important). Most drives from WD and Seagate include backup software that is adequate. On your Mac, use Time Machine.
- If you are not sure about a file, even if it is from a friend or trusted source, most AV software allows you to right-click on a file and scan it instantly to check it. When in doubt, scan it!
- Set your system to check for updates every day and install them at night. System patches are a front-line protection against security issues. Make sure your browser is updated and stick to Firefox or Chrome. Microsoft Edge and Internet Explorer have a history of exploitation by hackers.
- Meltdown and Spectre affect every connected device we use on a daily basis. Keep your phones and tablets updated as well.
If you have an AMD-based processor in your system, there is a known issue with the update from Microsoft that makes the system unbootable. Microsoft has disabled the update for those systems as of this writing. They will announce a fix and it will be released soon. Keep an eye on tech news sites like CNET, ZDNet or TechRepublic for an announcement.
If you want to read more about these threats, which are new over and above ransomware (which netted hackers about $6.6 billion in 2017), follow this link to one of many news articles about this on DataBreachToday.com.
If you have any questions about the content here and/or the topic covered, please comment. I will respond. We want to help through education.