Hackers are using side-channel vulnerabilities like Spectre and Meltdown to expose critical data stored on modern computer processors, and the National Security Agency (NSA) is helping organizations combat these vulnerabilities.
In updated guidance, NSA offers the following mitigations to address side-channel vulnerabilities:
- Firmware Updates: Apply system vendor firmware updates, including those related to UEFI, BIOS, microcode, ucode or individual hardware device firmware.
- Software Patches: Apply software patches; these patches are available from Microsoft, Apple, Red Hat and Google and can be applied across each vendor's respective operating system.
- Configuration Changes: Consult with software vendors to find out if configuration changes are required to achieve the best-possible results with side-channel vulnerability mitigations.
- Verification: Test all firmware updates, software patches and configuration changes.
To date, all processor products from all processor manufacturers have been affected by side-channel vulnerabilities, according to NSA. With a proactive approach to side-channel vulnerabilities, organizations can quickly address such issues.
Side-Channel Vulnerabilities: Here's What You Need to Know
A side-channel vulnerability bypasses a computer's account permissions, virtualization boundaries and protected memory regions and exposes sensitive device information. As such, hackers use side-channel attacks to access and control a computer's power consumption, sound and other internal systems.
Notable side-channel vulnerabilities include:
- Spectre and Meltdown: Allow hackers to identify and access a computer's protected kernel memory that otherwise is hidden from administrator and user processes and programs.
- Foreshadow: Exposes sensitive information stored in personal computers and third-party clouds running on Intel processors.
- TLBleed: Uses machine learning to exploit a time side-channel on Intel processors.
- PortSmash: Leverages malicious code that enables a hacker to read data from a parallel thread in a CPU.
- NetSpectre: Retrieves sensitive information from a network device without requiring a hacker to execute malicious code.
In addition to using the NSA's recommendations and tips, organizations can partner with MSSPs to address side-channel vulnerabilities.
MSSPs provide endpoint security, managed detection and response (MDR) and other services to help organizations detect side-channel vulnerabilities and limit their impact. Plus, MSSPs can help organizations craft security strategies to keep pace with side-channel vulnerabilities and other cyber threats.