This week a pair of major security flaws was discovered that can affect all of the tablets, PCs, mobile devices, and cloud products you may own. Named Meltdown and Spectre, these hardware-based bugs could allow hackers to steal sensitive information such as passwords and other personal data through vulnerabilities in modern processors (Intel, ARM, AMD).
Unlike many of the recent ransom attacks you have read about, antivirus software will not fix the security flaw, and the Meltdown and Spectre bugs may essentially slow down your device’s processors indefinitely. Here’s what you need to know and how to protect yourself...
The Difference Between Meltdown and Spectre
The Meltdown flaw mostly affects Intel-powered machines (laptops, desktops or MacBooks), while the Spectre flaw affects processors from AMD and ARM – meaning your smartphone is also likely affected by the processor flaw. There are already patches available to protect yourself partially from the immediate threat while a long-term solution is figured out.
How to Protect Yourself
While you can protect yourself from Meltdown, it’s harder to defend against the more invasive Spectre flaw. Researchers believe software updates to patch particular flaws in Spectre are possible, but none are available yet. To address the Spectre exploit completely, a redesign of the OS and microprocessor might be necessary. The Meltdown flaw, luckily, is already being patched. Here is some information on how to protect yourself:
Microsoft has issued an out-of-band patch update for Windows 10, while other versions of Windows will be patched on the traditional Patch Tuesday on January 9. If you’re having trouble installing the automatic security update, Microsoft suggests your antivirus might be the culprit. If you’re on Windows 10, chances are you’ve either automatically downloaded the update, or are scheduled to update on a set schedule.
Google Chrome, Mozilla’s Firefox, and Microsoft Edge have all updated or scheduled updates to patch the security flaw. You can update Google Chrome to its latest, patched version on January 23, or download Firefox’s latest update. For Chrome on iOS (iPhone, iPad), Google says Apple will deliver any necessary fixes.
Android phones will get a new security update on January 5th that includes mitigations to help protect you, with future updates including more fixes (Nexus and Pixel phones only). Other phones will have to wait for updates from their manufacturers or carriers.
Apple had already fixed most of these security holes in macOS High Sierra 10.13.2 last month, but macOS 10.13.3 will enhance or complete these mitigations. No updates so far for mobile devices.
Linux kernel developers have also released patches that implement kernel page-table isolation (KPTI), which moves the kernel into an entirely separate address space.
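One way to confirm on a Linux host that the KPTI patch is active is to read the kernel's own mitigation report. This is an added example, not part of the original article; it assumes a kernel recent enough to expose /sys/devices/system/cpu/vulnerabilities/, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: summarise the kernel's report of Meltdown/Spectre mitigations.
# Assumption: the running kernel exposes the sysfs directory below.
VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# classify_status TEXT -> mitigated | not_affected | vulnerable | unknown
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;    # e.g. "Mitigation: PTI" means KPTI is on
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# check_entry NAME [DIR] -> prints "NAME STATE"; returns 0 only when confirmed safe
check_entry() {
    name=$1
    dir=${2:-$VULN_DIR_DEFAULT}
    if [ -r "$dir/$name" ]; then
        state=$(classify_status "$(cat "$dir/$name")")
    else
        state=unknown    # file absent (older kernel): treat as unverified, not safe
    fi
    echo "$name $state"
    case "$state" in
        mitigated|not_affected) return 0 ;;
        *) return 1 ;;
    esac
}

# report [DIR] -> checks all three entries; non-zero if any is not confirmed safe
report() {
    rc=0
    for n in meltdown spectre_v1 spectre_v2; do
        check_entry "$n" "$1" || rc=1
    done
    return $rc
}
```

Source the file and call `report` with no arguments to check the running kernel; the non-zero exit status makes it usable from a patch-compliance job.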
What You Should Do
If you are a LANTIUM client, call support immediately if you are prompted to install any software or updates that you are not sure about. If you are not a LANTIUM client, you should immediately call your organization's primary IT department, support company, or contact. If you do not have a reliable IT support provider, it may be time to consider one.
To Our Valued Clients - You're Safe!
Please be aware that LANTIUM is constantly monitoring and updating operating systems as a service to all of our managed services clients. We understand the seriousness of this and all other cyberattacks and the effect they can have on your business.
Although these exploits have the potential to affect a large number of processors and devices, we do not foresee any major issues in the environments of our managed service clients due to our ongoing efforts to patch workstations and servers regularly.
How Do I Know if I Have Been Infected?
Sometimes even taking every precaution is not enough for IT security, which is why knowing what to look for and how to detect the symptoms of a compromised computer is important to ensure your safety. Read our recent post, 5 Symptoms of a Compromised Computer, to know if you have been infected and if your data and network are at risk.
How to Protect Your Business from Ransomware
Practicing good cyber hygiene is the best way to protect yourself, your workplace, and your data from cyberattacks. A few technical considerations are listed below. You may do all of them on your own, or contact LANTIUM for assistance:
- Enable strong spam filters, and scan all inbound and outbound emails with filters
- Configure firewalls to block access to known malicious IP addresses
- Patch all operating systems, software, firmware
- Set antivirus and antimalware programs to scan automatically
- Manage use of sensitive accounts on the principle of least privilege
- Consider disabling Remote Desktop Protocol
- Use application whitelisting and back up data regularly
- Conduct annual penetration testing
The truth is, there’s no excuse for leaving yourself or your business exposed. Please read our recent post, Seven Simple Habits to Protect Your Business from Ransomware, for things to do now to prevent basic data breaches, minimize risk, and keep you, your end users, and your business safe.
What to Do if You’re Infected
Panic and worry can be overwhelming once you realize that your computer may have been compromised. However, it’s not over for your computer and all of your files. If you believe you have been infected by a virus, trojan, worm, ransomware, or cryptolocker, there is still a chance to restore your computer to the state it was prior to infection, quickly, and without further damage or loss of productivity.
If you believe your computer may be infected, or if your organization has had IT security and performance issues in the past, LANTIUM can help! Our Critical Care support team is available for our clients 24x7x365.
Interested in learning more about security audits, assessments, proactive monitoring, data backup/recovery, or how to make your business and its data more secure? Schedule a free call with our experienced IT security Philadelphia consultants today.