Businesses Beware of Meltdown and Spectre
Over the course of the last couple of weeks, the tech world has learned that a large portion of the world’s computer processors are vulnerable to a catastrophic flaw in an entire generation of computer chips. With hard facts finally coming to light, reports have emerged on how far reaching these vulnerabilities – dubbed Meltdown and Spectre – are. Both of which, have the potential to leak passwords and all other sensitive data on a computer, mobile device, or cloud server.
Is Your Business at Risk?
Yes. These vulnerabilities affect laptops, desktop computers, smartphones, tablets and internet servers that merchants use to conduct business according to Reuters.com. Any merchant business across the globe that has a modern device is susceptible to the security flaws that could let hackers steal sensitive information. What makes it even more alarming, is that the vulnerabilities do not discriminate and can also affect personal devices and steal data from other customers who share a cloud server with you.
Two Critical Vulnerabilities
Penned Meltdown and Spectre by researchers, both abuse critical vulnerabilities in all modern computer chip technology spanning the last 20 years. These hardware vulnerabilities allow rogue programs to steal data that is currently processed on the computer which can be collected by a fraudster. Typically, programs are not allowed to read data from other programs, but a rogue app can exploit Meltdown and Spectre to get ahold of sensitive information stored in the memory of other running programs. This could include passwords stored in your web browser or password manager, personal photos, emails, instant messages, and even business-sensitive documents. While similar in some regards, both exploits use side channels to obtain information from system memory locations.
How Do I Protect My Data and Information?
Luckily, there is some hope. Regarding Meltdown, there are software patches that are available to help combat the vulnerability. These patches are available from your software and internet browser vendor and should be part of any regular update. Most have already been applied via a quick-fix engineering update while others will be coming in the next few weeks.
Spectre, while harder to exploit, is also more difficult to mitigate making it difficult to overcome. The current patches should be enough to mitigate any risk until the next generation of processors start rolling out to computers and mobile devices.
For now, the best way to stay protected is to make sure to update all software as vendors are actively pushing out their initial fixes and any future updates. Barkly.com provides a guide to the latest patches. And merchants should always first test these patches prior to implementing them into production.
Learn More About How These Security Flaws May Affect You
Contact us online or call 1-800-621-8931.
Subscribe to Card Talk
Our monthly newsletter delivers the latest payments news straight to your inbox