Blame Intel, ARM and AMD Microchips for Cyber-Breach – Kualitatem
- January 8, 2018
2017 was under attack right from the beginning. According to stats, there were 918 cyber breaches that affected 1.9 billion data records only in the first six months of the previous year. WannaCry, NotPetya, HBO hack games, and Equifax information burglary being just a few names topping the list.
But, sadly, it seems like it does not matter even if developers create a tough firewall, loopholes still exist and there will be more security threats in the future
Speaking of which, on January 3rd, researchers came across some serious loopholes in the security baselines of Central Processing Units, also known as chips or microchips, putting personal stored data be at stake! Surprisingly, these chips are products of some credible names in the industry, namely Intel, ARM, and AMD.
What’s the sorcery behind Meltdown and Spectre?
Three researchers from Google, Cyberus Technology and the Graz University of Technology discovered information about two prominent bugs; Meltdown and Spectre back in June 2017.
Possibly, the renowned companies wanted to keep the security flaws under the cover until they get fixed, but guess it took longer to fix them.
However, the details about the furtive bugs were unveiled on January 3rd and have already begun fuming threats over personal information of billion users.
- Meltdown is observed to harm computers, laptops, and every internet server connected with Intel chips. It is able to steal your passwords and private data from the memory cards. The threat can be traced through CVE-2017-5754.
- Spectre is a severe threat that is likely to affect chips installed in the smartphones, tablets, as well as computers driven by Intel, ARM, and AMD. It is believed to threaten the speculative execution of the modern microprocessors that are used to improve the speed.
Shockingly, according to a senior analyst at IDC, Bryan Ma, suggests that every device and database connected to cloud-based environments are too at high risk!
With nearly 1.5 billion personal computers being used worldwide, approximately 90% of them are driven by Intel chips (as per IDC). In other words, customers need some serious help here!
It’s sound like IoT Testing needs to take center-stage right from the very beginning of the year!
Though the danger is big, the only issue is that the security gaps cannot indicate the depth of the attack. The UK’s National Cyber Security Centre (NCSC) explained that there was no evidence that the weakness had been exploited or any information was stolen.
In addition, Technology analyst Jake Saunders from ABI Research believes that It wasn’t precisely clear what kind of information was at risk, but since the security gaps had been exposed the real question here is whether other parties can identify and possibly exploit them.
Well, maybe we have a chance until a hacker exploits anyone of us. No pun intended.
How can we cater to these security flaws?
Instead of panicking, it’s time to pull up the sleeves to identify a solution. Some tweaking may help in securing any private and sensitive information.
Here’s a good news: hosting companies have come forth with a response and have dispatched new versions that can the cater to the vulnerability crises and most importantly, secure the data. The following list created by Digital Shadows will promptly answer your questions:
But keep this in mind, Spectre is still a red alert because no strong patch has been released by any one of the company. Furthermore, the owners need to test the patches before they shipping them off to the users.
Let’s hope, it won’t get as disastrous as WannaCry!