What is Spectre and How Could it Affect Your Business?

Network security is always a hot topic in the world of business and Information Technology. Major Cyberattacks like Cryptolocker and WannaCry have made ransomware – malware that encrypts data on computers until money is sent – top of mind for business owners.

Business owners are right to be afraid of such an attack affecting their operations and while there are many security best practices to adhere to the threat remains omnipresent. By now, you have probably heard 99% of ransomware attacks come via emails disguised to look genuine. You have probably also been advised by your IT staff or strategic IT partner to implement safeguards like SPAM filters, firewalls, anti-virus and security information and event management (SIEM) solutions. These safeguards, as well as employee training can go a long way in preventing such an attack. However, there is no full-proof solution when it comes to network security.

With the advent of ransomware, we have seen a boon in security products and offerings. Many of which, at this point, are mirror images of each other. In the world of anti-virus, the latest trend is machine learning, which deviates from earlier definition-based versions by using artificial intelligence to recognize when an anomaly occurs on your systems. However, malware and ransomware are not the only threats to your data. In fact, the most recent security concern is not a virus at all.

Engineers at Google recently discovered exploits in Intel, AMD and ARM processors, which exist in nearly every computer and smartphone released over the last 20 years. These exploits, coined “Spectre” and “Meltdown” are security flaws in the actual architecture of computer processors. Rather than a virus, this architectural vulnerability may leave systems exploitable should cyber criminals find a way to take advantage of it. In simple terms, this exploit could potentially be used to monitor and capture all data processed on any given device with an affected processor. Microsoft has taken quick action to create updates for their major operating systems in an effort to address this vulnerability. Other major operating system vendors are doing the same and security vendors are working around the clock to update their anti-virus programs. These updates, while needed, have been reported to drastically reduce the speed of various systems by up to 30%, leaving business owners with a choice between ensuring this vulnerability has been addressed or rolling the dice and potentially slowing their operations.

It is important to maintain regular monitoring of your network and seek guidance on what security products are actually worth the money. More so, make sure you are asking what limitations a security product or update might have on other parts of your network. If you have not talked to your IT partner about Spectre and Meltdown, do not delay.