A new threat has emerged – and it can exploit every device you own

Sreeraj Gopinathan, Head of Threat Anticipation Services at Paladion, has issued a warning about NetSpectre

Consider yourself warned: there is a new threat blowing up in the news and it’s capable of exploiting most computing devices in operation today. That’s the warning from Sreeraj Gopinathan, Head of Threat Anticipation Services at Paladion, who offers further information on the threat and how it can be defended against.

The threat is named NetSpectre and it’s critical that you take a few minutes to learn a little more about it – and how you can prevent it from infiltrating your organisation.

What is NetSpectre?

Recently discovered by a team of security researchers, NetSpectre is a variant on the new Spectre family of attacks.

Spectre attacks take advantage of a chip feature called ‘speculative execution’. Speculative execution was originally designed to improve CPU performance, but cybercriminals have developed a way to exploit it: Spectre attacks abuse the feature to trick computers into leaking sensitive information.

First, nearly every modern computing device is vulnerable to Spectre attacks. The speculative execution feature that they exploit is found in Intel, AMD and ARM chips. These chips are present in computers, mobile devices, cloud servers and almost any other device you can think of that has been produced since 1995.

Second, while Spectre attacks can potentially be patched, software improvements alone may not be enough to solve them. Fully mitigating this exploit is likely to require changing a device’s processor architecture at the hardware level.

Earlier versions of Spectre attacks were dangerous enough. But now NetSpectre has emerged and it carries with it a new feature that suggests Spectre attacks are about to become even more dangerous than they originally appeared.

What makes NetSpectre so dangerous?

On the surface, NetSpectre operates like many other Spectre attacks.

Previously known variants of Spectre attacks had a limitation: before launching the attack, the attacker first needed to get the victim to download and execute malware on their computer, or to access an insecure website that was running malicious JavaScript. But NetSpectre does not share this limitation.

NetSpectre can be launched over a network, including across LANs and between virtual machines in Google’s Cloud.

NetSpectre itself can only exfiltrate data at relatively low speeds and thus requires a substantial amount of time to achieve its objectives. But it carries a frightening promise – this new threat demonstrates a potentially devastating, previously-unknown exploit in the majority of the world’s computing devices. And you can bet that cybercriminals are hard at work developing new, faster and even more dangerous threats to exploit this same vulnerability.

How to beat NetSpectre and its next evolution

The good news is: you’re not alone in your fight against NetSpectre and its variants.

Google remains hard at work, funding research to discover new Spectre exploits before they appear in the wild. And earlier this year, Intel released a series of patches that began to mitigate their speculative execution vulnerabilities. These patches appear to close the NetSpectre vulnerability. So if you have been aware of these emerging Spectre attacks – and updated your systems accordingly – then you should be protected against NetSpectre.

But if you have not updated your systems accordingly, or if you are unsure if you have patched this vulnerability, then please take some time to do so. While it is heartening to hear that the OEMs behind these vulnerabilities are attempting to correct them, cybersecurity is an ‘all hands on deck’ activity.

Whether you are a business owner, a security professional or simply an individual user, you share some responsibility for ensuring your network’s safety. And that begins with continued awareness of what threats are emerging and how to protect yourself against them.

 
