The Spectre vulnerability is similar to its predecessor Meltdown, and is a dangerous form of cyber-attack. Spectre and Meltdown are alike in that neither is a true virus. Rather, they are vulnerabilities within the computer processor that are exploited to carry out an attack on a computer.
What makes Spectre uniquely dangerous is its ability to cause permanent, physical damage to your computer. For this reason, Spectre presents a core problem much more substantial than an average virus or malware.
History of Spectre
The Spectre threat became public knowledge on January 3. Spectre was discovered in June by multiple researchers known as “whitehat hackers” who knowingly attack computers to help developers protect their systems. Following proper processes, the hackers delayed the release of information to the public until January to give tech companies the opportunity to mitigate the vulnerability before malicious hackers became aware of it.
How Do Spectre Attacks Work?
Spectre is an attack method that allows a hacker to “read over the shoulder” of a program the hacker does not have access to. Using code, the hacker forces the program to pull up its encryption key, allowing full access to the program. An encryption key safeguards information and ensures only authorized individuals have access.
Imagine a scenario where Spectre triggers the program to pull up, or “think” about, its encryption key. Doing so allows Spectre to effectively read the mind of the program and gain access to the kernel, the most protected part of a computer’s operating system. Once the encryption key has been read, the attack can access any data ranging from browsing history to personal conversations.
The silver lining is that there are limited uses for this attack. The odds of an individual PC being attacked using this technique are relatively low. Spectre primarily attacks multi-tenant systems, also referred to as cloud systems. This leaves vendors like Google, Amazon Web Services and Microsoft physically vulnerable.
What Are Cloud Providers Doing to Combat This Issue?
Google announced updates to prevent all known vulnerabilities. These updates have been implemented across Google Cloud Platform, G Suite applications, Google Chrome and Chrome OS products.
Amazon Web Services protected against all but a “single-digit percentage” of instances once the announcement was made. The remaining instances were handled in the hours following its announcement at the beginning of the month.
Microsoft patched its cloud services and other Windows versions designed for servers and desktops. The company announced it is working with chip manufacturers to test mitigations to protect its customers against both Meltdown and Spectre.
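To confirm that a machine you run has actually picked up such mitigations, you can read the status the operating system itself reports. The script below is an added example, not part of the original article or any vendor's tooling; it assumes a Linux system whose kernel exposes /sys/devices/system/cpu/vulnerabilities, and the function names and the sample directory are constructed for illustration.

```shell
#!/bin/sh
# Map one kernel status line to a verdict.
# The kernel writes "Not affected", "Mitigation: <details>" or "Vulnerable[: <details>]".
classify_status() {
    case "$1" in
        "Not affected"*) echo OK ;;
        "Mitigation:"*)  echo OK ;;
        "Vulnerable"*)   echo VULNERABLE ;;
        *)               echo UNKNOWN ;;
    esac
}

# check_cpu_vulns [DIR]: print one line per issue and return 1 if any
# issue is not reported as mitigated. DIR defaults to the real sysfs path.
check_cpu_vulns() {
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    rc=0
    for name in meltdown spectre_v1 spectre_v2; do
        f="$dir/$name"
        if [ -r "$f" ]; then
            status=$(cat "$f")
            verdict=$(classify_status "$status")
        else
            # A missing file means the kernel gives no report at all,
            # which is itself a reason to check for updates.
            status="(no kernel report; kernel may predate this interface)"
            verdict=UNKNOWN
        fi
        printf '%-11s %-10s %s\n' "$name" "$verdict" "$status"
        [ "$verdict" = OK ] || rc=1
    done
    return $rc
}

# Constructed sample directory standing in for the real sysfs path.
demo=$(mktemp -d)
echo 'Mitigation: PTI' > "$demo/meltdown"
echo 'Mitigation: __user pointer sanitization' > "$demo/spectre_v1"
echo 'Vulnerable' > "$demo/spectre_v2"
check_cpu_vulns "$demo" || echo "at least one issue is not mitigated"
rm -rf "$demo"
```

On a real host, call check_cpu_vulns with no argument; a non-zero exit status means at least one of the three entries is reported as vulnerable or is missing.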
Best Practices to Avoid a Spectre Attack
Avoid ‘Security Through Obscurity’
Security through obscurity is the reliance on the secrecy of a design or implementation as a primary method of protection. Security exposures are diverse and evolving, so it’s best to consider all potential exposures, including those that are not yet being exploited. If you have security exposures, assume someone may find a way to exploit them.
Have a Reputable Anti-Virus and Keep It Up to Date
The sequence of commands required for Spectre and Meltdown attacks to take place is specific and easily recognizable. Anti-virus software should be able to readily detect it. If an attack is recognized, be sure to follow standard virus procedures.
What to Remember
- The internet is not safe and attacks are ultimately after valuable information
- Spectre and other vulnerabilities increase the potential harm of a virus
- If a computer gets a virus using Spectre, it can affect other devices on the same network or server
- A Spectre attack does not make a virus more or less infectious, but does make a virus more dangerous