Cyber security researches recently announced the discovery of two major security flaws that could allow hackers to bypass regular security measures thus putting data that is normally secure at risk. They’re called Meltdown and Spectre – and they’re both caused by design flaws found in nearly all modern processors. This means that hackers can exploit these vulnerabilities and access data found on personal computers, servers, cloud services and mobile devices.
So who are these cyber villains?
Meltdown – this flaw can be used to break down the security barriers between a device’s applications and operating system in order to access the device’s data.
Spectre – this flaw can be used to break down the security barriers between a device’s different applications and access sensitive data such as passwords, photos and documents – even if those applications adhere to regular security checks.
And what has been done to fix the flaws?
When Meltdown and Spectre were first discovered in 2017, researches immediately reported them to major hardware and software companies so that work on security fixes could begin without alerting hackers. This means that services and applications offered by companies such as Microsoft, Google, Apple and Amazon have already been updated to help protect against the flaws.
However, your organisation should not rely solely on a software patch to protect against these vulnerabilities.
What else can you do?
Here are a few simple steps you can take to protect your systems and devices from Meltdown and Spectre:
- Make sure all your devices are updated immediately, and check for new updates regularly. Don’t rely on the providers to tell you there’s an update available.
- Contact any cloud service providers and third-party suppliers to ensure that they are protected against Meltdown and Spectre. Cloud services and computer servers are particularly vulnerable to the exploits as they often host multiple customers on a single device.
- Install antivirus and firewall systems to protect against regular malware. It is believed that hackers need to gain access to a device in order to exploit Meltdown or Spectre. Keeping your devices free of malware can help prevent data theft
FOCUS can help you find the right insurance solution to protect your business. Use our Cyber Risk Exposure Scorecard to work out your risk level.
Working with our partners at cyber and data risk specialists, Berea Group we can also offer you training and compliance solutions.
If there is anything we can help you with in the world of cyber risk, whether it be insurance arrangements, advice or training, please do not hesitate to contact us