As the world is already reeling under the effect of the infamous global ransomware attacks and GDPR, comes another pair of cyber threats – Spectre and Meltdown, this time hitting the hardware itself. On Wednesday, January 03, as the technology sphere was gearing up for a cyber-secure 2018, security researchers, including Google’s Project Zero team, publicly disclosed these vulnerabilities, which result from a flawed design technique applied in chips. Let’s now hike through the crests and troughs of Meltdown and Spectre.

Back to the basics: What are Meltdown and Spectre?

Meltdown is a processor vulnerability that lets a user process read kernel memory: loads from memory addresses the process is not permitted to reference still leave traces in the cache, and those traces reveal the contents. Spectre, however, is a vendor-agnostic vulnerability that tricks processors into speculatively executing instructions, helping attackers read the transient sensitive data held in the processor. Although Spectre and Meltdown are two different exploits, the end result is the same – a breach of sensitive data resting in a processor’s cache. These exploits could compromise sensitive and confidential data such as encrypted passwords, cookies, emails, files, images, and even security certificates.

According to IDC, over 1.5 billion PCs are up and running today, 90% of which run on Intel chipsets. What’s more, these vulnerabilities have been lurking around and playing with our data for about 20 years, yet their existence was acknowledged only recently. In addition, with the advent of cloud computing, it becomes easier for attackers to snoop on neighbouring virtual machines from one infected machine running their malicious code backed by Spectre and Meltdown. This boils down to the way past chips have been designed, oblivious of these flaws.
What major stakeholders say

In its press release, Intel stated: “Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.” Arm has revealed that some of its high-end processors based on its Cortex-A architecture are affected. This implies that mobile devices, home and consumer assistants, network infrastructure and other technology running on Cortex-A are vulnerable. Apple, too, has fallen prey to these CPU exploits and has announced mitigations. All of the Silicon Valley giant’s devices, except Apple Watch, are affected by the flaws. Speaking of Silicon Valley giants, the climate at Microsoft is no different: all Windows-powered PCs, laptops, and other ‘smart’ devices have succumbed to the vulnerabilities, and users are advised to stay on top of the security patches announced by Microsoft. Google has also released a list of affected products, including Android, along with mitigation patches for the known threats. Likewise, Akamai, AWS and others are among the many vulnerable vendors that have come up with patch announcements.

All in all, Spectre and Meltdown can affect the processors (both old and new) of PCs, smartphones, laptops, and even cloud infrastructure, regardless of the operating systems running on them. However, chip makers and other software giants believe that no known attackers are using these vulnerabilities to run malicious programs, since they would have to get their code running on the target before taking control of the processor.

Business impact of Spectre and Meltdown

Meltdown and Spectre could have a two-fold impact on enterprises:

1. Increased cyber-attacks: Spectre and Meltdown exploits make it easier for attackers to gain access to the most coveted, high-end credentials of domain and network admins.
Meltdown has the potential to pave the way for other forms of cyber attack, such as Rowhammer, by giving attackers access to the kernel memory layout, where the sensitive data sits. Spectre, on the other hand, doesn’t react to software patches, and can be mitigated with updates to the microcode. However, the permanent solution would be to replace the existing processors.

2. Performance to take a hit: Multi-tenant systems running massive-scale applications in their virtual and cloud/data center environments are expected to see a significant performance hit. This also includes database management systems, which rely on kernel-level calls. The initial speculation was that enterprises could see a 30% loss in performance, with an additional degree of overhead on operating systems and virtual machines caused by the software patches. However, according to Forrester, enterprise endpoint devices running applications such as web browsers, messengers and document processing suites are less likely to be affected.

What enterprises could do to circumvent the loophole

According to Jeff Pollard, Principal Analyst at Forrester, it is imperative for all enterprises to adopt the Zero Trust security model to protect their hardware, software and cloud infrastructure against cyber attacks, which have become increasingly rampant over the years. And prevention is always better than cure. That said, here are 3 best practices to shoo Spectre and Meltdown away from your business:

1. Keep calm and update

It is absolutely natural to get apprehensive about a security incident, but while you are at it, you should also make sure to chalk out a response plan. The immediate action would be to avoid possible security breaches by applying software patches on time. While devices can be shielded from Meltdown with existing patches from the major players, Spectre cannot be. Hence, it would be prudent of cyber security specialists to stay abreast of incidents and patching mechanisms.
Simply put, both devices and device managers should leverage trends and stay updated.

2. Gauge your data processing requirements

Enterprises sail on a sea of sensitive data, like credit card numbers, IP and MAC addresses, IMEI numbers, and much more. One of the easy ways to minimize the risk of these exploits is to gauge and store only the relevant (read: actively utilized) data on servers and in the cloud, while securing the rest. This will restrain hackers from gaining access to more and more data using malware and hardware exploits.

3. Manage IT the smart way

Incident after incident, and trend after trend, there is growing demand for a centralized IT management system. At the bare minimum, your IT department should devise plans to patch vulnerable endpoint devices, and keep an eye out for any incidents. But that’s a lot of manual effort, isn’t it? A smart way to go about it is to incorporate an intelligent endpoint management solution that provides comprehensive insights and alerts about any upcoming incidents, so you can take the necessary precautions, thereby staying on top of your IT.
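A check a defender can run to confirm practices 1 and 3 above on Linux endpoints, added here as an example and not taken from the original post: it reads the kernel’s per-flaw mitigation report under /sys/devices/system/cpu/vulnerabilities (present on kernels since 4.15; the sample file contents below are constructed) and lists which of Meltdown, Spectre v1 and Spectre v2 still need a patch, a microcode update or investigation.

```python
"""Report a Linux host's Spectre/Meltdown mitigation status from sysfs."""
from pathlib import Path

# Kernels since 4.15 expose one file per flaw here; older kernels do not.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
FLAWS = ("meltdown", "spectre_v1", "spectre_v2")

# Constructed sample in the kernel's reporting format ("Not affected",
# "Vulnerable[...]" or "Mitigation: <technique>"); used when sysfs is absent.
SAMPLE_SYSFS = {
    "meltdown": "Mitigation: PTI\n",
    "spectre_v1": "Mitigation: usercopy/swapgs barriers and __user pointer sanitization\n",
    "spectre_v2": "Vulnerable\n",
}


def classify(text):
    """Map one sysfs line to (state, detail); state is 'not_affected',
    'mitigated', 'vulnerable' or 'unknown'."""
    line = text.strip()
    if line == "Not affected":
        return ("not_affected", "")
    if line.startswith("Mitigation:"):
        return ("mitigated", line[len("Mitigation:"):].strip())
    if line.startswith("Vulnerable"):
        return ("vulnerable", line[len("Vulnerable"):].strip(":, "))
    return ("unknown", line)


def read_status(source=None):
    """Return {flaw: (state, detail)} from `source` (a dict of file contents)
    or, when None, the live sysfs files. A missing file counts as 'unknown'."""
    status = {}
    for flaw in FLAWS:
        if source is None:
            path = SYSFS_DIR / flaw
            text = path.read_text() if path.is_file() else None
        else:
            text = source.get(flaw)
        status[flaw] = classify(text) if text is not None else ("unknown", "no sysfs entry")
    return status


def needs_action(status):
    """Flaws still requiring a patch, microcode update or investigation."""
    return sorted(f for f, (state, _) in status.items() if state not in ("not_affected", "mitigated"))


if __name__ == "__main__":
    status = read_status() if SYSFS_DIR.is_dir() else read_status(SAMPLE_SYSFS)
    for flaw, (state, detail) in status.items():
        print(f"{flaw:10} {state:12} {detail}")
    print("needs action:", ", ".join(needs_action(status)) or "none")
```

An endpoint management tool can collect the needs_action list from each host to drive patch and microcode rollout; an "unknown" entry means the kernel predates the report and should be treated as unpatched.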