Welcome to 2018, we’re already starting the new year off with a bang! Intel’s chipset security flaws are taking over the news and the risk that the IoT represents.
Meltdown and Spectre are two names that have been flying around the internet in the wake of Intel’s disastrous security gaff. As we covered previously, Intel’s processors have a deeply flawed design that allows for extremely destructive attacks against any device using them. Considering that Intel’s processors have been very popular, this represents one of the most widespread security flaws to ever be discovered. Meltdown is a malware program that allows hackers to copy data from the infected machine, if that data has been used in an online web browser. Your login information to a desktop application isn’t currently considered to be at risk but that may change as the story develops. Meltdown allows an attacker to bypass the safeguards that prevent an outside source from peering into a device’s memory. Intel is currently insisting the design aspect that allows this sort of attack isn’t a design flaw but is still making the security patch a mandatory download. There have been rumors that this patch will massively slow any device it’s applied to, with a slow-down close to 30%.
Spectre is a program that infects computers, servers, phones and tablets, unlike Meltdown which only goes after computers and servers. Spectre can’t directly access a device’s memories like Meltdown, instead it can attempt to overwrite applications to put data somewhere accessible. Spectre is more difficult to detect and remove due to its lower-profile nature, it’s not as actively involved with your computer’s processes. As always the best way to keep your devices safe is to keep them up-to-date. Don’t let your computer fall months behind in its security patches. It can be annoying to deal with Window’s Updates but its better then having all of your personal data stolen. Don’t open any strange emails, and definitely don’t download anything.
Source: MELTDOWN, SPECTRE: WHAT WE KNOW ABOUT THE MAJOR CYBER SECURITY FLAWS AND HOW TO PROTECT YOURSELF
Bitcoin mining, along with other cryptocurrencies, has become a huge spectacle with far-reaching consequences. We’ve talked about browser hijacking before, both malicious and and benign. Websites like The Pirate Bay have used visitor’s extra processing capacity to mine for currency, they’re constantly strapped for funding so this allows them to generate value on their own. Malicious executables have been found in email attachments that covertly insert mining code into devices. This sort of high-intensity operations slows down devices, and drives up the users electrical costs. In comes the Internet of Things (IoT), which relies on interconnected processors that leverage their combined power to make your life easier. IoT devices work by allowing every device in the network to bypass the normal security protocols, this helps keep them running together. It also means that any device that becomes compromised will spread malicious code to the other devices in the system. The possibility that a hacker to take over the smart devices in your home to mine for cryptocurrency is a real one, make sure that all of your devices are up-to-date.
Source: BITCOIN PRICE RISE COULD LEAD TO SMART HOME ATTACKS THAT CAUSE ELECTRICITY BILLS TO RISE, CYBER SECURITY EXPERT WARNS
Max is a Legal Assistant and author residing in the Philadelphia area He has been writing for AskCyberSecurity.com since early 2017.