What you need to know about Intel processor design flaw

The IT world is racing to patch its systems after two major vulnerabilities in Intel, ARM and AMD processing chips were announced – affecting almost all computers and systems made in the past two decades. Possibly more.

These two vulnerabilities – dubbed Spectre and Meltdown – allow unauthorised access to your device’s data. They have forced a significant redesign of the Linux and Windows kernels to reduce the impact of the bug.

The impact on IT

These CPU vulnerabilities (Spectre and Meltdown) can allow attackers access to your OS’s kernel memory, which can then be exploited to access sensitive data. The fundamental design flaw in Intel’s processor chips means that PCs and Macs will need new patches to mitigate the flaw, or risk a performance penalty (reported to be 5 to 30% overhead).

According to Google, virtually every Intel processor released since 1995 is vulnerable. It will be releasing a Chrome version with a patch on 23 January. Microsoft has already released an emergency Windows 10 patch.

What you can do about the Intel processor design flaw

  • Be ready for Patch Tuesday from Microsoft, and check your Linux distributions. This will introduce a performance hit of 5-30% on your systems. Your mileage may vary, so please test production systems carefully under load.
  • Plan for priority systems: Internet-facing, DMZ, critical services.
  • Assess risk and prioritise patching.
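
As an added example (not part of the original post or any Dimension Data tooling), one way to "check your Linux distributions" is to read the status files that patched kernels publish under `/sys/devices/system/cpu/vulnerabilities`. The function names and the sample directory below are assumptions made for illustration; the sample file contents are constructed.

```shell
#!/bin/sh
# Added example: summarise the kernel's own Spectre/Meltdown status files.
# Each file starts with "Not affected", "Vulnerable" or "Mitigation: ...".
VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# classify_status <text>: prints OK, PATCH or UNKNOWN
classify_status() {
  case "$1" in
    "Not affected"*|"Mitigation:"*) echo OK ;;
    "Vulnerable"*)                  echo PATCH ;;
    *)                              echo UNKNOWN ;;
  esac
}

# report_cpu_vulns [dir]: one "name state detail" line per issue.
# Returns 0 if every entry is OK, 1 if any needs attention,
# 2 if the directory is absent (kernel lacks the interface: treat as unpatched).
report_cpu_vulns() {
  _dir="${1:-$VULN_DIR_DEFAULT}"
  _rc=0
  if [ ! -d "$_dir" ]; then
    echo "no status directory at $_dir: treat host as unpatched"
    return 2
  fi
  for _name in meltdown spectre_v1 spectre_v2; do
    if [ -r "$_dir/$_name" ]; then
      _text=$(head -n 1 "$_dir/$_name")
    else
      _text="(file missing)"
    fi
    _state=$(classify_status "$_text")
    [ "$_state" = OK ] || _rc=1
    printf '%-11s %-8s %s\n' "$_name" "$_state" "$_text"
  done
  return "$_rc"
}

# make_sample_dir: constructed sample of a partly mitigated host
make_sample_dir() {
  _d=$(mktemp -d)
  echo "Mitigation: PTI" > "$_d/meltdown"
  echo "Mitigation: __user pointer sanitization" > "$_d/spectre_v1"
  echo "Vulnerable: Minimal generic ASM retpoline" > "$_d/spectre_v2"
  echo "$_d"
}

# Demo on the constructed sample; pass no argument to check the live host.
_demo=$(make_sample_dir)
report_cpu_vulns "$_demo" || echo "action needed (exit $?)"
rm -rf "$_demo"
```

The non-zero exit codes make the function usable from a patch-compliance job: hosts returning 1 or 2 go on the priority list.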

Get in touch with Dimension Data’s Cybersecurity Advisory, formerly Security Architecture Assessment & Security Architecture Consulting Service. We assess your IT framework for a secure posture, which is then tested against control points, one of which is patch management ability.

Vulnerabilities abound – especially if your systems are out of date

The past few years have seen unusually high activity for new vulnerabilities, so 2016 appears to be more of a correction to the normal pace of vulnerability exposure, combined with vendors implementing more secure development lifecycle practices. There has been no major vulnerability announcement with far-reaching repercussions akin to Heartbleed or Shellshock since 2014. In fact, the majority of clients have now patched these vulnerabilities, so we’re seeing a tapering off in the discovery of what were some very widespread vulnerabilities.

  • 47% of vulnerabilities are more than 3 years old
  • 53% of vulnerabilities were disclosed within the past 3 years
  • 8% more than 10 years old
  • Discovered vulnerabilities as old as 17 years, still prevalent in our environment
  • Four industries account for 79% of all vulnerabilities across our client base: Technology (34%), Business/Professional Services (21%), Retail (14%), Finance (10%)
  • Overall 6% reduction in the number of vulnerabilities recorded across our client base year on year.

Patching

Organisations are adopting more robust patch management strategies coupled with periodic assessments, but significant improvement is still required to meet compliance requirements and industry best practices. This will play an important role as organisations begin rolling out new devices and technologies to accelerate their digital business. This is where Dimension Data can play a key role, using our consulting capability in security architecture assessments, our assessment services in penetration testing and vulnerability assessment, and our vulnerability management solutions.

Our top recommendations

  1. Plan for priority systems: Internet-facing systems, DMZ and platforms with critical services. (Assess risk and prioritise patching. All systems will finally need to be patched.)
  2. Test application and loading of systems with new patches
  3. Patch hypervisors
  4. Patch operating systems
  5. Minimise administrative privileges

Find out more about Dimension Data’s cybersecurity solutions and services, and start preparing for a predictive cybersecurity strategy.
