Mitigating the Meltdown/Spectre vulnerabilities

Digital Perspectives

New Views. Applied Now.

February 27, 2018
Mitigating the Meltdown/Spectre vulnerabilities
By: Rick Hemsley

With organisations suffering somewhere in the region of two to three focused security breaches every month, the "Meltdown" and "Spectre" vulnerabilities are a major cause for concern. These vulnerabilities stem from flaws in microprocessor design and leave the world’s laptops, desktops, servers, smartphones, other mobile devices and cloud services open to potential attack and abuse. Significantly, given the nature of the vulnerabilities, it’s highly likely that attacks will go unnoticed by the enterprises affected.

How the vulnerabilities work

Meltdown concerns microprocessors from major manufacturers with Advanced Micro Devices (AMD) currently being reported as unaffected. The vulnerability enables attackers to build software that can access and read data such as logins, passwords and encryption keys that are stored in a device’s memory. Meltdown is relatively easy to exploit, but patches are becoming available to remediate its effects.

The Spectre vulnerability, meanwhile, is an architectural design flaw that affects most, if not all, microprocessors. Spectre appears to be the more serious of the two vulnerabilities. Although it is more difficult to exploit, fixing it might require a new generation of redesigned microprocessors.

Potential consequences

Of immediate concern for business is the security threat posed by the vulnerabilities. If malicious actors can read processor memory, it could lead to the leaking of information, such as keys, passwords, and other sensitive information which could be used to conduct further attacks and expose vulnerabilities on a range of devices.

Businesses should also be aware that cloud-based services are also potentially threatened by these vulnerabilities. An attacker with a presence on a virtual machine in the cloud, for example, could potentially design a programme to access the memory contents of other customers’ virtual machines on the same physical system.

Finally, there are considerations around cost and performance. One of the effects of patching these vulnerabilities is that we will see a potential drop in processor performance; some commentators suggest the drop may be as much as 30 percent for certain workloads. This has a direct effect on the cost of a project.

Steps to protect your business

So, what can organisations do to build some resilience against Meltdown and Spectre? We have identified six steps that all businesses should take immediately:

  • Prioritize patching, especially of virtual machine (VM) software. Both the hypervisor and guest virtual machines.

  • Test patches for performance before deploying them to production.

  • Increase scrutiny of phishing e-mails that may contain attached executable files.

  • Regularly review performance metrics on cloud-based servers looking for unexplained performance degradation.

  • Perform adequate performance testing, and add more resources as required to arrive at the desired performance level—applying operating system (OS) patches to mitigate the Meltdown attack may degrade performance.

  • Take a risk-based review of the un-patchable systems in your estate—given the ubiquity of microprocessors, older systems running critical functions may be most at risk.

  • Use advanced adversary simulation to test these exploits in a real-life environment.

Find out more

To read more about Meltdown and Spectre, what it means for your business, and what steps you can take to protect your organisation, visit our site dedicated to helping organisations stay on top of the latest threats. There, you can download our cyber advisory on the vulnerabilities.

Popular Tags

    More blogs on this topic



        COMMENTS (0)




        Your Data Privacy

        By providing your e-mail address, you agree to the terms
        outlined in our privacy statement associated with
        commenting on the site. Your e-mail address will not be
        used for promotional marketing purposes.

        Retype the CAPTCHA code from the image
        Change the CAPTCHA codeSpeak the CAPTCHA code