How to Explain Meltdown and Spectre to your employees

Have you heard of Meltdown and Spectre? Well, you have now. These hardware design flaws are wreaking havoc by exploiting critical vulnerabilities in modern processors. It is most likely that your computer systems are affected, and you don’t even know it as they do not leave any traces in traditional log files. When affected, cybercriminals can gain access to passwords and sensitive data stored in your computer’s memory.

Vulnerable machines have to have malware running in order for the vulnerability to be exploited. Malware can make a home on your computers with the wrong click of a link and falling victim to phishing schemes. That being said, it’s important to explain this risk to your employees and executives. Below is a high-level summary to help explain what’s going on in order to protect your systems from these vulnerabilities.

The Issue

The main chip in most modern computers has a hardware bug, which is the result of a design flaw that has been there for a number of years.

The Risk

This is a big issue because it can affect all computers on the network; including individual desktop computers and company servers. It allows malicious programs to steal data from your computer memory. This is not typical; however, this hardware bug breaks the isolation between applications and the operating system. Meltdown and Spectre work on personal computers, mobile devices, and in the cloud.

Access

Clicking on malware-infected links opens the floodgates for hackers to gain access. If they can get the malicious software running on your computer, they now have access to passwords, emails, photos, and documents.

Resolution

There are patches against Meltdown for Linux, Windows, and OS X. Patching software after exploitation through Spectre can harder software against future exploitation.

As always, think before you click and make sure cybersecurity is top of mind.

For a list of patches, call us today.

 

Contact Us
About the author