Whitehorse Daily Star


Photo by Whitehorse Star

CAUTION ISSUED – Device owners should make sure that any anti-virus and security software is up to date, advises Tangerine Technology’s Martin Lehner (above). Inset: Martin Lawrie.

Cyber security flaw leads to attempted hacking incident

A cyber security flaw generating international alarm has enabled an attempted cyber attack in the Yukon, according to IT service provider Tangerine Technology.

By Taylor Blewett on January 4, 2018


“Meltdown” is one of two recently publicized security vulnerabilities in a computer’s processor that hackers can exploit to access data – including passwords and other sensitive information.

Together with a similar security flaw known as “Spectre,” it leaves almost every modern computer vulnerable, the Washington Post reported today.

Cloud networks and smartphones are also at risk.

A Tangerine Technology press release issued this morning details one Yukon client’s experience with an attempted Meltdown hack.

“Sensitive data was extracted from a desktop computer and an attempt was made to transmit that data to the internet,” Tangerine Technology’s Martin Lehner said in the press release.

“Thankfully, the client had multi-layered computer security in place and the attack was eventually mitigated.

“But, nonetheless, we have actually seen this flaw attempted to be exploited right here in the Yukon.”

The territory’s remoteness shouldn’t lull Yukoners into a false sense of security, Martin Lawrie, Tangerine Technology’s vice-president, said in the press release.

“It doesn’t matter where you are, physically, on the planet. Everywhere is reachable from everywhere else with the click of a mouse.”

The security flaws are found in Intel, AMD and ARM processors.

Those processors are found in “virtually 99 per cent” of modern computers currently in use, Lehner told the Star this morning.

“This is probably one of the largest flaws, major security flaws, that’s been seen in the modern day, because it virtually affects everybody.”

When you’re working on a computer, open data are held in the processor’s memory, he explained. The flaws expose this data to potential hackers.

As for what options exist to patch the flaws, Lehner said, it’s a waiting game for now.

Most of the public is just learning of the vulnerabilities.

High-level industry players, however, have known about them for months, and have actively been working on fixes, Lehner and media sources report.

These fixes will likely come in the form of operating system and security updates for Macs, PCs, smartphones, and other smart devices, according to Lehner.

Device owners can check for these and complete the updates on their own as they become available.

In the interim, Lehner advised owners to make sure that any anti-virus and security software is up to date.

Comments (1)


Tim Jardim on Jan 5, 2018 at 6:20 am

There seems to be a lot of confusion regarding these new vulnerabilities, and as an IT security professional living and working in the Yukon, I would like to take the time to review them.
There are two new vulnerabilities (actually three, but two are very closely related): Meltdown and Spectre. Both vulnerabilities are hardware-based, within the actual CPU. This makes patching very difficult.

Meltdown
Meltdown is by far the most severe. With Meltdown, an attacker can copy most if not all physical memory. This includes privileged memory in the kernel, memory that it does not 'own'. The result of this is being able to steal passwords, session keys and other confidential material.

Patches are available to protect against this threat for most operating systems; however, this does come at a cost.

Since the Operating System can no longer trust the CPU to do its job, the Operating System must step in to do it. This brings a performance penalty which has been described as ‘non-negligible’. Reports have put this figure as low as 10 per cent, while other reports put this figure as high as 50 per cent. Any way you look at it, your computer is going to be slower after applying the update.

As of this day, January 5, 2018, the only CPUs affected are the ones by Intel. While exploitation of Meltdown is theoretically possible with both AMD and ARM CPUs, researchers have noted no practical exploit has been achieved to date. However, this may change at a later date. One notable exception is Apple and the new iPhone. It is vulnerable to the Meltdown attack. It seems Apple hired some ex-Intel designers to build their new ARM CPU.

Spectre
The second, Spectre, is a very dangerous exploit. However, unlike Meltdown, Spectre can only read memory from its own process, that is, memory that it ‘owns’. It cannot read any privileged memory. Where this vulnerability could be exploited is with web browsers. One tab could be compromised with the Spectre vulnerability and be accessing privileged information in another tab.
Right now, there is no patch available for this vulnerability, and to make matters worse, there is a JavaScript proof of concept (PoC) floating around the Internet. It is just a matter of time before we see actual exploits in the wild.
There is a second variant of Spectre that can access all memory, including privileged memory. Fortunately, this vulnerability is considered to be far too difficult to use effectively.

Mitigation
To greatly reduce the chances of becoming a victim:
1. Make sure your anti-virus is up to date.
2. Ensure your computer is up to date with the latest software patches and updates.
3. Ensure all firewalls are turned on and functional.
4. Make sure that your browser is running an ad blocker. Since Spectre is likely to spread via JavaScript, a very likely attack vector will be those ads, since a lot of them utilize JavaScript (this has happened before with the Washington Post and New York Times, among many others).

On a side note, applying these patches on Windows computers may not be successful if you are running third-party antivirus products. There are other reports that applying these patches will cause the anti-virus to do the infamous Blue Screen of Death (BSoD). Make sure your anti-virus is patched first.

Am I affected?
More than likely, yes. If you are running Microsoft Windows, Microsoft has a support web page at
https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Unfortunately, this site is geared more to IT professionals and the tools provided may be beyond the scope of some people.

For those who are looking for a more technical explanation of these vulnerabilities, check out Jake Williams' (@MalwareJake) outstanding video at https://www.youtube.com/watch?v=8FFSQwrLsfE

If you have any other questions, you should speak to an IT professional for advice. I can be contacted on Twitter @TheTeeStar
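
A Linux counterpart to the Windows check linked in the comment above, as an added example that is not part of the article or the comment: patched Linux kernels report their own Meltdown and Spectre status under /sys/devices/system/cpu/vulnerabilities. The function names are hypothetical and the sample files are constructed so the script runs on any machine.

```shell
#!/bin/sh
# Added example: summarise the kernel's self-reported Meltdown/Spectre status.
SYSFS_DIR=/sys/devices/system/cpu/vulnerabilities

# Map one status line to: patched | exposed | not-affected | unknown
classify_status() {
    case "$1" in
        "Not affected"*) echo not-affected ;;
        "Mitigation:"*)  echo patched ;;
        "Vulnerable"*)   echo exposed ;;
        *)               echo unknown ;;
    esac
}

# Print "<issue> <verdict>" per issue. Returns 1 if any issue is exposed or
# unknown (a missing file means the kernel predates the reporting interface).
report_dir() {
    _dir=${1:-$SYSFS_DIR}
    _rc=0
    for _issue in meltdown spectre_v1 spectre_v2; do
        if [ -r "$_dir/$_issue" ]; then
            IFS= read -r _line < "$_dir/$_issue" || true
            _verdict=$(classify_status "$_line")
        else
            _verdict=unknown
        fi
        echo "$_issue $_verdict"
        case "$_verdict" in exposed|unknown) _rc=1 ;; esac
    done
    return $_rc
}

# Constructed sample directory standing in for the real sysfs path.
demo=$(mktemp -d)
printf 'Mitigation: PTI\n' > "$demo/meltdown"
printf 'Vulnerable\n' > "$demo/spectre_v1"
printf 'Mitigation: Full generic retpoline\n' > "$demo/spectre_v2"
report_dir "$demo" || echo "action needed: install pending kernel updates"
rm -rf "$demo"
```

Calling `report_dir` with no argument reads the live sysfs directory instead of the sample.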
