Nearly all computers worldwide – as well most other devices
– have been exposed to security flaws which leave them vulnerable to attacks.
Researchers discovered holes in security stemming from
central processing units, better known as microchips, which could allow private
data stored in computers and networks to be accessed by a third party.
So far, there hasn’t been any breaches, but is it a big deal?
And what could it mean for your business?
What Are the Vulnerabilities?
There are two security flaws: Meltdown and Spectre.
- Meltdown affects laptops, computers and internet servers with Intel chips.
- Spectre has the potential for a wider reach. This can affect some chips in smartphones, tablets and computers that are powered by Intel, ARM and AMD.
Senior data analyst at the technology consultancy IDC has said that data centres and devices connected to the Cloud are also vulnerable.
What is the Scale of the Issue?
The UK’s National Cyber Security Centre (NCSC) has said
there is no evidence that this has been exploited, however, now the issue has
been made public, there is concern that the bugs are discoverable and could
potentially be taken advantage of.
The tech industry has been aware about the issue for at
least six months, but everyone from developers to security experts involved
signed non-disclosure agreements, presumably in an attempt to keep things under
wraps until dealt with.
Considering there are 1.5 billion personal computers in use
today alone, and around 90% are powered by Intel chips, the exposure to the
Meltdown bug is potentially huge.
What Information is at Risk?
The bugs allow hackers to potentially read data stored
within a computer and steal information such as passwords and credit card
information.
Jake Saunders, a Technology Analyst from ABI Research said
it wasn’t exactly clear what information could be at risk, but as the security
risks have been exposed, the big question is can other parties discover and
potentially exploit them?
What does this mean for my website?
If you host your website with Ascensor, our VMware hosting
platform isn’t vulnerable to Meltdown and patches have been released in order
to mitigate Spectre. At present, there are no known ways to remotely exploit
these vulnerabilities so before anyone can take advantage, they would need to
have access to the server.
Access to the servers we host is controlled and known by us,
so the attack surface is small. We will be applying patches to them once we
have evaluated what impact it will have on performance.
Ascensor Security
As a digital agency, we use computers in our daily
activities. However, data security is our highest priority and we are currently
in the process of becoming an ISO 27001 accredited agency.
We are also updating our own equipment as patches become
available. If you notice any issues concerning your website, contact Ascensor now.