It seems the spectre of the past has come back to haunt Intel as major security flaws were found in their processing chips which they have apparently known about for a significant amount of time. Whilst it appears the seriousness of the risks and damage has been recognised and is being resolved, the potential consequences could be massive.
These flaws, which have been dramatically named Meltdown and Spectre, could potentially allow cyber-attackers to steal sensitive data, including personal information, passwords and banking details, by targeting the information that’s stored in the memory of the computer's processor chip. Meltdown and Spectre has the potential to affect billions of systems worldwide, both at work and at home, with products ranging from smartphones and tablets to PCs and affecting nearly all vendors and operating systems. The prospective fallout from this could be unprecedented.
Digital development is at the forefront of driving change and improving efficiencies within businesses, but they must have a thorough understanding of the associated cyber threats. The implications of a cyber-attack, including loss of customer data, and business interruption through disruptions to business operations and supply chains, can result in a loss of profits and reputational damage.
Businesses that are found not to have taken thorough measures to protect themselves and their customer’s data could be subject to large fines under the European Union’s General Data Protection Regulation (GDPR), which comes into force in May this year. The trade-off between efficiency and exposure that technology brings has never been clearer, and businesses need to be aware of this.
Here are three steps to take which could reduce the potential for a successful cyber-attack:
1. Upgrade all obsolete and unsupported systems and ensure all systems have the latest security updates applied.
2. If a patch has been released, ensure all programmes have this patch installed as soon as possible.
3. Ensure backups are carried out daily and are disconnected/air gapped from your network once complete. This ensures a business can still carry on trading in spite of a breach or system failure.