WEI is aware of the new vulnerabilities related to Intel and other CPUs which could potentially allow an attacker to gather privileged information from CPU cache and system memory, putting enterprise security at risk. The vulnerabilities are code named “Meltdown” and “Spectre.” The “Meltdown” issue is reported to only affect Intel CPUs while “Spectre” is reported to affect Intel, AMD, and ARM. The impact of these vulnerabilities could extend back to CPUs from as early as 1995 (in the case of Intel).

The fix for Meltdown (so far) are patches (OS and potentially, firmware) which will prevent or limit Speculative Execution. At a very high level, Speculative Execution is the CPU’s function of guessing what code it will need next and running it in anticipation of a request. In some cases, when the CPU guesses wrong, it doesn’t always put back the code it thought it would need, in other words, it doesn’t clean up after itself. That code, which could be passwords, can then be requested by another process because it’s kind of just sitting there, waiting to be picked up.

Helpful Links

For more information on the exploits, WEI recommends visiting the following links:

• https://newsroom.intel.com/news-releases/intel-issues-updates-protect-systems-security-exploits/

Fixes & Patches

Most fixes will come in the form of OS patches. Microsoft has already released patches for Windows, IE, Edge, and SQL. The Linux kernel was updated to eliminate the Meltdown vulnerability in November. (Linux Distros are responsible for releasing their own patches.) Apple released a MacOS update in December to address the conditions presented in Meltdown.

That said, it’s very likely hardware manufacturers will release firmware updates as well. As many appliances, controllers, switches, SANs, and other devices run Linux variants and/or Intel and AMD processors, customers should be aware that OEMs may soon be releasing updates for these devices as they assess their product vulnerabilities. WEI has been notified of some firmware updates related to these vulnerabilities (see the HPE link below), and will pass along information to our customers as we receive new notifications. However, we advise all of our customers to work with their OEMs as well, for the latest information on their products.

For more info on recent patches, see some of the links below. Please note this list is not exhaustive and new updates are being released constantly.

• CERT (contains evolving list of known patches & updates):
• Microsoft:
  • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

*Other updates including application specific updates could be available

• RedHat:
• Suse:
• CentOS:
• Ubuntu: https://insights.ubuntu.com/2018/01/04/ubuntu-updates-for-the-meltdown-spectre-vulnerabilities/
• VMware: https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
• Firefox:
• Google:
• Apple:
• HPE:

Performance issues related to patches

At this time performance issues related to patches have been estimated to potentially cause between 5% to 30% performance impact. As the nature of some patches will be to prevent or eliminate speculative execution (which had increased performance over native execution processes), it’s not unreasonable to expect some performance issues. If a particular compute environment is currently running at very high utilization rates for the platform, or if a heavily consolidated or virtualized environment with sharp peak loads experiences a burst, it is possible performance degradation could be noticed.

Unfortunately, the level of performance degradation will be heavily dependent on the OS type, patch solution / strategy, and other updates such as firmware or application specific patches. At this time, WEI can’t speculate on the specific impact to any particular environment.

Important to Note…

WEI is not aware of any clients who have been exploited by these vulnerabilities. It should be noted too that OEMs have stated that to exploit these vulnerabilities, access to the OS kernel would be required, or malware run via java script in a browser. There may be other ways to exploit these vulnerabilities. Therefore, it is recommended that all available patches for OS and web browsers are tested and implemented as soon as possible. For example, a on Intel’s website regarding Speculative Execution and “” cache access, asks:

Q: Can these new exploits be enabled remotely?

A: No. Any malware using this side channel analysis method must be running locally on the machine. Following good security practices that protect against malware in general will also help to protect against possible exploitation until updates can be applied.

It should also be noted that most patches appear to be addressing “Meltdown” and some of “Spectre” (Spectre has two specific vulnerabilities identified). The prevailing thought about Spectre is that to resolve some of this particular vulnerability may require new hardware development and changes.

Even if no patches are available for a particular environment at this time, WEI recommends maintaining good security policies and programs to protect against attacks, intrusions, and exploits, including these potential vulnerabilities.

CONTACT WEI

As a trusted IT provider, WEI will stay engaged on this topic and help ensure optimal enterprise security for each of our clients.

Please reach out to WEI with any questions or concerns about these exploits, patches, and any fixes or other concerns you may have. The WEI team stands ready and committed to help in any way we can.

The post WEI Customer Advisory: The Meltdown and Spectre Vulnerabilities appeared first on IT Solutions Provider - IT Consulting - Technology Solutions.

Regardless of organizational size or industry, every company faces significant data and network security concerns today. Those concerns increase substantially for organizations that deal with protected or sensitive information in any way, including health, financial, or even basic customer data. The past decade has seen a growing number of both internal and external data security breaches in industries as diverse as healthcare, retail, entertainment, banking, and military contracting, and threats are unlikely to subside anytime soon. Organizations who act now to counter the threats of the future are the ones who have the best chance at protecting customers, employees, and brand reputations.

Common Security Risks

What risks do organizational leaders need to consider when selecting and investing in data security solutions? First, you should consider risks within your own company. For many organizations, people are the most valuable resource, but they are also the biggest risk to security. IT leaders understand this because of direct experience with people-caused breaches, but communicating this fact to other corporate leaders is important. While security policies and training don’t cover all bases when it comes to protecting data, they can be relatively low-cost efforts that build an important foundation upon which hardware and software solutions exist.

Sometimes, your internal threat doesn’t come from an employee who just doesn’t know better; disgruntled employees pose a major risk because they have access to data and systems and have motive to act outside of security parameters. To mitigate damages in such situations, companies should divide and protect data, creating access on an as-needed basis.

A growing risks for organizations is the reliance on mobile devices to create productivity and facilitate communication when employees or managers are not on the premises. Field service techs, delivery drivers, outside sales personnel, and business travelers are just a few people who regularly send, receive, and access sensitive data on mobile devices. Mobile devices mean organizations have to expand security parameters outside of their own networks.

Where are Organizations Failing?

Organizations that are relying on traditional data security measures are failing to protect networks and information because cyber criminals are anything but traditional. Cyber criminals are constantly looking for new ways to breach networks or acquire data, which means companies have to constantly question their data security.

One fail point for many companies is the trend toward bring-your-own-device, or BYOD, policies. Personal mobile devices might let employees increase productivity at little initial cost to companies, but how “free” is that productivity, really? Organizations can’t always ensure security of a personal device, and a breach costs much more than equipping employees with secure tools in the first place.

On the other hand, security itself could generate a fail point within an organization if it is seen as an obstacle to work. IT organizations have to work with business counterparts to deliver solutions that work for business goals without compromising data.

Hardware Equipped Across Four Security Pillars

One solution that’s allowing organizations to address both common security risks and common fail points comes from Intel. products embed features into hardware, reducing overall costs of security while maintaining a high level of both functionality and convenience. The hardware is equipped to address security concerns across four pillars common to all enterprise security needs.

First, the products create a defense against malware, protecting against external threats. Second, they simplify access control to protect against internal risks without impeding productivity. Third, they create protections that keep working should a device be lost or stolen. Finally, the systems are designed for upgrades and updates to keep up with evolving security needs.

Get an Assessment

An IT solutions provider can help organizations equip employees and systems with hardware-based security solutions, saving time, money, and the potential disaster of a data breach. Sign up for WEI’s Free Security Threat and Prevention Assessment today to get started.

The post Hardware-based Security: Battle Common Security Risks appeared first on IT Solutions Provider - IT Consulting - Technology Solutions.

Intel Technology Security Solutions

As an IT solutions provider, Intel offers a variety of hardware and software products designed to protect your network and infrastructure. Hardware-based solutions create easy-to-use security measures that protect devices and access points wherever employees take them. But Intel understands the complex nature of technical infrastructure, which means those hardware-based components are only the foundation for a comprehensive security solution.

The are designed to work with a variety of software layers to create additional protection. For example, organizations can choose to add a number of McAfee programs that are designed to integrate with Intel’s hardware. McAfee Network Security Platform, for example, enhances a network’s ability to identify and block malware. The Web Gateway provides added security for web-based apps by analyzing code and content entering networks from any web source; the goal is to find threats such as malware that might be launched at an enterprise through web-based windows. Intel’s hardware-based security solutions also work with , ePO Deep Command, and ePolicy Orchestrator.

Creating a Wall of Security

Think back to the childhood game Red Rover. Children stood, hand-in-hand, and called someone to “come over.” That child ran as fast as he or she could, attempting to break through the weakest-linked hands. The line of children worked together, holding hands tightly, to keep the person from breaking through.

Cyber attacks are just like that running child. They seek the weakest link in an organization and they attempt to break through via force, via deception, and via programming that outsmarts your security. Your security elements have to be like the kids holding hands in a line. First, they have to be connected. Security elements that each protect a single point or asset without regard for other security solutions leave wide gulfs of risk between protection points. Starting with a foundational approach that provides comprehensive protection and building up from the foundation reduces the chance of gaps in security.

Second, security products have to be compatible. Elements that aren’t 100 percent integrated leave small cracks that can be exploited by cyber criminals. Those cracks may even be more dangerous than the wide gulfs, because you sometimes don’t realize they exist until it’s too late. Malicious code or unauthorized access can occur for weeks or months before security alarms are triggered or, worse, a customer reports activity that points to a breach.

Taking New Security Steps Today

Security isn’t something organizations can afford to put off until tomorrow. The data breach that could cost an organization millions might be happening right now, which means security is always a critical consideration. Educating leadership across the organization about the need for comprehensive security is a critical first step toward implementing new security solutions. Working with an IT solutions provider can help both technical and nontechnical decision-makers choose cost-effective solutions that work as a team to protect infrastructure.

The post Do Your Security Solutions Work as a Team? appeared first on IT Solutions Provider - IT Consulting - Technology Solutions.