There are functions of our CPU’s that have been discovered to be exploitable and the specific codes that could be used to exploit them have been coined “Meltdown” and “Spectre”. It is far more likely that they will be used as a cyber warfare & corporate espionage tool, rather than targeting small-to-medium businesses but it’s extremely important that everyone around the world has an understanding of the threat.
ActiveCo and partners have been monitoring this situation, and it’s resolution steps, closely and will update our clients if developments cause concern.
So…How do They Work?
Essentially, most technology devices around the world (PC’s, laptops, servers, mobile phones, tablets) have a vulnerability during a memory processing step at the CPU level. The effected chips were made from 1995 through 20013 by Intel (who provides chips to about 80% of desktop computers and 90% of laptops worldwide), AMD and ARM.
How Do They Do What They Do?
The vulnerabilities, given access only if a machine/device contains malware, allow a hacker’s unauthorized code access to your data during the CPU’s cache (or memory) processing stage.
To do their job, chips must move a lot of data around and temporarily store it. During this process, areas of memory that are not normally visible are available to be snatched up.
The information available during this process may include data from password managers, browsers, emails, and photos and documents.
Please review this concise video produced by the BBC which explains the situation:
There is One Saving Grace
It is important to note that these vulnerabilities can only be utilized only if a device contains malware. This means that security awareness and caution must be taken by you, the user, at every stage of your web browsing, business transactions and communication.
What Can I Do About It?
Please proceed to our article on what you, as a user, can do to help mitigate threats to your personal and work environments.