Spectre – Meltdown & more than 50 vulnerabilities discovered each day in 2017


Spectre – Meltdown: this concerns you!

Spectre – Meltdown is the soap opera of the start of the year. Three processor vulnerabilities have been revealed, although they were originally discovered in October 2017. The Spectre and Meltdown vulnerabilities have put manufacturers in turmoil and users at risk. The situation is not new, and it reminds us of the various cybersecurity events of 2017.


2017: a full year of vulnerabilities


In 2017, an average of 50 new vulnerabilities were detected each day. This number, which is growing fast (28 vulnerabilities discovered per day in 2016 and 17 in 2015), has not gone unnoticed. The proof is the number of cyberattacks and global breaches revealed: WannaCry, NotPetya, KRACK, Spectre, Meltdown, …

Since May 2017, ransomware has been at the center of all discussions. Indeed, WannaCry impacted 300,000 computers worldwide. Petya followed on June 27, hitting companies hard. Some companies had their production stopped, others closed, and several months after the attack the cost is estimated at more than $1 billion. These first two cyber attacks were made possible by the disclosure of the “ShadowBroker” breach.

Another major cyber attack: the US credit company Equifax made the headlines in September 2017 for a data leak dating from July. Data from 145.5 million Americans as well as a few Canadian and English customers were exposed. In September, CCleaner was also attacked and 2.27 million PCs were infected.

In addition, large companies have admitted to suffering security breaches, sometimes gaping ones, because vulnerabilities were left unpatched. Another example is the macOS flaw that allowed anyone to unlock a computer as the root user. Windows also had some security breaches, while the “KRACK” attack exposed Wi-Fi networks.

Despite various security solutions, companies are still vulnerable.

If 2017 was a good year for cyberattacks, 2018 promises to be worse for companies. It is time for them to equip themselves better to face it. Whether the flaw is in an operating system, a processor, a server or an application, all companies are vulnerable to the exploitation of vulnerabilities. None can claim to be 100% protected (you can ask Renault, FedEx, Equifax, Yahoo, Apple, Uber …). This phenomenon affects SMEs even more. Indeed, they are the target of 77% of cyber-attacks.


Spectre – Meltdown and all the others


Vulnerabilities and cyberattacks are linked: the latter are made possible by exploiting the former. Exploiting them is within everyone's reach because they are public! Indeed, all vulnerabilities are referenced in the Common Vulnerabilities and Exposures (CVE) database. This database is updated every day with the new vulnerabilities detected by the community.

The first step in finding out whether your company is exposed to these vulnerabilities is therefore to refer to this database. This phase is mandatory to build your action plan and to know your cyber risk exposure. Then you have to move on to the second step, remediation. Vulnerability checking and fixing is a time-consuming activity for security teams. With more than 50 new vulnerabilities every day, companies do not know which vulnerabilities they are exposed to and which ones to prioritize.

In the case of Intel, although the Meltdown flaw was discovered by various researchers in early fall, the company was already aware of it. However, it was only in December 2017 that it published, on the support section of its website, the security flaws that potentially affected its chips. And it would not be the only one affected by the phenomenon. While the CVE-2017-5754 (Meltdown) vulnerability is believed to be inherent to Intel, the CVE-2017-5753 and CVE-2017-5715 (Spectre) vulnerabilities also involve ARM and AMD. These long-standing vulnerabilities were present in processors, unknown to all, for more than ten years and concern all computers.

Today, there is still no further news; the firm advises users to install all available updates pending a final fix at the end of the month. Meanwhile, computers around the world are exposed, as the vulnerabilities are known. However, there is still no known malware exploiting these vulnerabilities. Vigilance nevertheless remains essential. Exploiting the Meltdown vulnerability on a virtual machine (VM) could impact all users of your infrastructure. Spectre, more complex to exploit, is likely to affect data by making it accessible via JavaScript code.


How to be better armed against cyber attacks?


Because vulnerabilities are known and listed, it is necessary to set up monitoring tools to be notified as soon as a new vulnerability is detected and can affect the company’s information system.

Solutions such as Elastic Detector embed a vulnerability scanner to detect all security vulnerabilities in real time. They also propose measures to put in place to reduce the risk of cyber attack.

If your processors are vulnerable to Meltdown and Spectre, Windows, macOS and iOS have already offered updates to protect against them. Intel has advised users to install all the updates for their computers and smartphones but has not yet solved the problem. Brian Krzanich, director of Intel, was reassuring during his speech at CES last week, announcing updates for all affected systems “at the end of the month”. And while updates may affect computer performance, Brian Krzanich says their impact is “heavily dependent on workload.” To be continued…
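To confirm that updates actually took effect for the three CVEs named above, a Linux host can be asked directly. The script below is an added example, not part of the original article or of any product it mentions. It assumes a kernel that exposes `/sys/devices/system/cpu/vulnerabilities` (mainline 4.15 and later, plus distribution backports); the function names and the sample directory are constructed for illustration.

```shell
#!/bin/sh
# Added example: read the Linux kernel's own Meltdown/Spectre status.
# Assumption: the kernel exposes the sysfs directory below.
VULN_DIR=/sys/devices/system/cpu/vulnerabilities

# CVEs named in the article -> sysfs file names used by the kernel.
cve_to_file() {
    case "$1" in
        CVE-2017-5754) echo meltdown ;;
        CVE-2017-5753) echo spectre_v1 ;;
        CVE-2017-5715) echo spectre_v2 ;;
        *) return 1 ;;
    esac
}

# Print NOT_AFFECTED, MITIGATED, VULNERABLE or UNKNOWN for one CVE.
cve_status() {
    name=$(cve_to_file "$1") || { echo UNKNOWN; return 0; }
    file=${2:-$VULN_DIR}/$name
    # Missing file = kernel too old to report; that is unknown, not safe.
    [ -r "$file" ] || { echo UNKNOWN; return 0; }
    line=$(head -n 1 "$file")
    case "$line" in
        "Not affected"*) echo NOT_AFFECTED ;;
        Mitigation*)     echo MITIGATED ;;
        Vulnerable*)     echo VULNERABLE ;;
        *)               echo UNKNOWN ;;
    esac
}

# Print one line per CVE; return 1 if any of them needs attention.
report() {
    rc=0
    for cve in CVE-2017-5754 CVE-2017-5753 CVE-2017-5715; do
        status=$(cve_status "$cve" "$1")
        printf '%s %s\n' "$cve" "$status"
        case "$status" in NOT_AFFECTED|MITIGATED) ;; *) rc=1 ;; esac
    done
    return "$rc"
}

# Constructed sample data: Meltdown and Spectre v1 mitigated, Spectre v2 not.
make_sample_dir() {
    d=$(mktemp -d) || return 1
    echo "Mitigation: PTI" > "$d/meltdown"
    echo "Mitigation: __user pointer sanitization" > "$d/spectre_v1"
    echo "Vulnerable" > "$d/spectre_v2"
    echo "$d"
}

# Use the real interface when present, otherwise the constructed sample.
if [ -d "$VULN_DIR" ]; then report "$VULN_DIR"; else report "$(make_sample_dir)"; fi || echo "action needed"
```

A status of UNKNOWN means the kernel does not report on that CVE at all, which is itself a sign that the host has not received the relevant update.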

To take concrete action today against cyber threats, you can test Elastic Detector on your infrastructure to know your cyber risk exposure.
