Meltdown, Spectre Aftermath: Intel Forms Cybersecurity Group
Intel plans to create an internal cybersecurity group, the Oregonian reported. The news comes after Intel last week released details about Meltdown and Spectre, microprocessor bugs that enable cybercriminals to compromise laptops, PCs, smartphones, tablets and public cloud servers.
Leslie Culbertson, Intel’s SVP and director of human resources, will lead the company’s cybersecurity group. Intel CEO Brian Krzanich (pictured, top) also has appointed VP Steve Smith and reassigned several company executives to the cybersecurity group, the report said.
Smith, by the way, led last week’s analyst briefings about the Meltdown and Spectre issues — which continue to haunt the technology industry as MSSPs and customers scramble to patch everything from PCs and servers to networking gear and cloud systems.
Meltdown and Spectre: Here’s What You Need to Know
Meltdown and Spectre enable cybercriminals to read the contents of a kernel’s memory that otherwise is hidden from administrator and user processes and programs, according to The Register. Malware and hackers also can use Meltdown and Spectre to exploit other security bugs.
Meltdown and Spectre may cause processors to slow down, The Register reported. However, Intel has denied these claims.
Amazon, Google and Microsoft have updated their cloud services and other products in response to Meltdown and Spectre. Meanwhile, MSP-centric vendors like Datto are providing guidance as partners prepare to patch the bugs.
Furthermore, the U.S. Computer Emergency Readiness Team (US-CERT) has recommended administrators and users review Vulnerability Note VU#584653, Microsoft’s Advisory and Mozilla’s blog post for additional information and refer to their operating system vendor for appropriate Meltdown and Spectre patches.
IBM CEO Leads Aspen Institute Cybersecurity Group
In addition to the Intel cybersecurity group, international nonprofit think tank The Aspen Institute this month has formed a cybersecurity group to address security vulnerabilities at the national level.
- Collection and sharing of threat intelligence with the National Security Agency (NSA) and Central Intelligence Agency (CIA).
- Delivery of cybersecurity insights to government and industry leaders.
- Development of cybersecurity curricula to teach organizations how to detect and address cyberattacks.
The Aspen Cyber Group plans to meet several times this year, Axios reported. It also will collaborate with lawmakers and issue reports on various cybersecurity topics.