Tuesday, February 27, 2018

Cyber Vulnerability

                               

A few weeks ago several scary hardware vulnerabilities surfaced to illustrate how sophisticated hackers have become.  Spectre and Meltdown hacks use manipulation of central processing unit cache (yeah, the "CPU" is one of the key chips on your computer's motherboard).  These hacks use a detailed understanding of cache memory functionality to steal data from applications on your computer or perhaps from elsewhere on your network (thanks to Carbon Black for this illustration regarding the workings of CPU cache/processing).

Some patches have been published, but these hacks are very hard to block.  In spite of assertions that we haven't seen this malware "in the wild," when you contemplate what this kind of hacking vulnerability means, you begin to realize how vulnerable computers are, in general, and understand the "rocket science" some of these hackers can bring to the table.

Computers.  Yes, the MRI and heart monitor in your hospital are computers.  Every device on your network.  Obviously desktop, laptop and mobile computers (including your phone) are also computers.

So what do you do about this?  Of course, install firewalls and enact your system's onboard security features.  Keep up-to-date on operating system patches (yikes... you might be forced to tolerate dog-slow performance or upgrade to the new phone!) ... but if you are responsible for any size organization, you should also monitor your network a bit more carefully.

Even  if your firewall can't stop a hack (pieces of malware infiltrate your network, then reassemble once inside, for example), you can detect unwanted data transmissions or peculiar performance characteristics (yes, even that sophisticated malware causes suspect hacked CPU behavior).

Thanks for reading.

1 comment:

  1. Thanks Pete! Does that mean that emptying the Cache more often would be a good thing to do??? Or does that even matter?

    ReplyDelete