Home Insights The Spectre of a Meltdown? How to Avoid the Latest Cybersecurity Threats

The Spectre of a Meltdown? How to Avoid the Latest Cybersecurity Threats

Publication
January 9, 2018
Author: Kelly Ruane Melchiondo

With names reminiscent of those of movie villains, the "Meltdown" and "Spectre" computer flaws pose dire real-world risks to computers, devices and networks worldwide.

"Meltdown" is a flaw that affects only computers and server equipment that use Intel chips or processors. It essentially offers hackers a "back door" to access a computer's memory and anything saved in that memory, including passwords saved in Web browsers for frequently visited websites.

The "Spectre" flaw affects chips in smartphones and tablets, in addition to Intel's computer chips and those from Advanced Micro Devices, Inc. Spectre allows hackers to manipulate apps to cause them to leak sensitive information. While researchers suggest that Spectre may be less dangerous than Meltdown, because of the number of devices affected across multiple platforms, Spectre may prove more difficult to patch. The only known device that may be immune to the Spectre flaw is the Apple Watch.

There are no known breaches as a result of Meltdown or Spectre yet. Nonetheless, the risk is so serious that Microsoft, Apple and Linux have all issued security alerts, and have issued, or are issuing, security updates and patches to protect computers, servers and devices.

What can your company do to protect itself?

First, download immediately all security updates and/or patches that the manufacturers of your company's computers, equipment and networks offer. Do not wait.

Second, delete all saved passwords stored on your company's web browsers. Consider changing all employee passwords as soon as the security patches are installed.

While Meltdown and Spectre may increase your risk of external penetration, the greatest known risk to your company's cybersecurity is not external - it's your employees. Take the following measures to minimize the risks:

  • Remind your employees not to use their company passwords to log in to any other sites, not to share their passwords with anyone, and never to store or save their passwords on Internet browsers connected to your company.
  • Prohibit your employees from downloading or transferring files, software or other material from personal computers onto your company's computers or networks. This will prevent infected files from migrating onto your system.
  • Remind your employees not to click on links in, or open documents attached to, emails, without checking with your IT department first. Phishing remains the most common method for hackers to access computer systems.

 

Related Practices
Data Privacy & Security
RELATED PEOPLE
Kelly Ruane Melchiondo
Kelly Ruane Melchiondo
Partner
YOU MIGHT ALSO LIKE
Speaking Engagement September 27, 2024
U.S. Transparency Improvements
Paul D'Alessandro, Jr. serves as a speaker at the STEP LATAM Conference in Buenos Aires, Argentina. Paul's presentation - U.S. Transparency Improvements - is an overview of recent U.S. transparency developments including the practical application of the reporting requirements imposed by the Corporat...
Press Release July 23, 2024
Bilzin Sumberg Named to Bloomberg Law’s Diversity, Equity, and Inclusion Framewo...
Bilzin Sumberg is proud to announce that it has been named to Bloomberg Law’s fourth annual Diversity, Equity, and Inclusion (DEI) Framework. Bilzin Sumberg is one of only 57 U.S.-Based Firms that were included in the 2024 Framework.
Press Release July 23, 2024
John Trach Appointed Deputy Chair of Bilzin Sumberg Cares Program
Bilzin Sumberg is pleased to announce the appointment of John Trach as Deputy Chair of the Bilzin Sumberg Cares Program.John will work alongside Program Chair Lori Lustrin to further strengthen the firm's commitment to community service and philanthropic initiatives.
VIEW MORE