One of the challenges that businesses have in protecting themselves from cyber attacks is keeping up with patching vulnerabilities. In 2017 we saw in both the WannaCry and the Petya/NotPetya events how quickly malware can spread globally through un-patched, unsupported software.
This week, major computer design flaws have been identified. Here is a good explanation from KnowBe4, Inc. of the issue:
"Computer researchers have recently found out that the main chip in most modern computers—the CPU—has a hardware bug. It's really a design flaw in the hardware that has been there for years. This is a big deal because it affects almost every computer on our network, including your workstation and all our servers.
This hardware bug allows malicious programs to steal data that is being processed in your computer memory. Normally, applications are not able to do that because they are isolated from each other and the operating system. This hardware bug breaks that isolation.
So, if the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. Not good.
So, What Are We Doing About This?
We need to update and patch all machines on the network. This is going to take some time, some of the patches are not even available yet. We also may have to replace some mission-critical computers to fix this.
In the meantime, we need you to be extra vigilant, with security top of mind and Think Before You Click."
This impacts not only corporate computers and desktops, but also smartphones and internet servers. Intel, Amazon, Google, Apple, Microsoft, Firefox have either released fixes or will be soon.Not only do you need to address this issue, but be prepared in the event that your business is attacked before you can install the fixes. And, do you have an insurance policy to protect your business?