Whether you are running a SOHO business with just one or a few computers, or a large enterprise with thousands, PC security threats are a real and constant danger. Spectre and Meltdown were revealed at the beginning of 2018 – no, they are not superhero movie villains, but very real cybersecurity dangers. And while both have largely been mitigated through system update patches, the tale of these two cyber-villains is a cautionary one worth your review.
Meltdown and Spectre were widely reported at the beginning of the year, and even if you haven’t heard of them, you almost certainly saw the urgent communiques directing you to update your operating system software. That’s because the updates contained important patches to mitigate the risk from these two bugs, which, it turns out, have existed for decades but were not fully detected until 2017.
First, a little information about how your hardware and software should work: Your operating system is merely a platform that allows software to run. The operating system does not need to know what data is being used or gathered by the software – it merely needs to know how to allow the application to work. The operating system does not need to know the names and addresses of your customers in order to allow you to put them into an Excel spreadsheet, for example.
Further, the data gathered in individual software applications is kept separate from each other, except in cases where the user has explicitly allowed applications to share information. An example of shared information might be a plug-in or integration that allows QuickBooks to share information with a sales CRM. Otherwise, the data contained in software should be stored and accessed discretely.
These two key OS functions – separating software data from the operating system and creating a barrier between applications – are precisely the functions at risk.
Meltdown, a flaw in virtually every Intel processor made since 1995, breaks that barrier between your operating system and the software running on it. Spectre breaks the barrier between applications. In both instances, the computer is made vulnerable to hackers. With Meltdown, an operating system attack could potentially allow access to the personal data gathered by software running on the system; and Spectre could allow a hacker the ability to access the data gathered by multiple pieces of software by attacking just one application.
The moral of this story is clear: Your computer security is a constant priority. Just last month, a series of newly-discovered Spectre-style flaws vulnerabilities were reported. And it’s not simply a matter of keeping your system updated – monitoring for data breaches is equally important for all users, from home to small office to enterprise. Blutone Technologies offers affordable security for all your devices – get in touch today and we will make sure your systems are protected.