How to handle Meltdown and Spectre

The Meltdown and Spectre attacks differ from most cyber threats facing customers today because these vulnerabilities are due to the fundamental architectural design of the modern optimized CPU. What makes these vulnerabilities so devastating are the combination of scope and extent; they apply to nearly every computing platform we use every day, and when successful they allow the attacker to access your most valuable data stored in memory.

There are many variables in determining the potential impact and this is where WWT can help. We have developed a customized workshop that will help you identify the impact these vulnerabilities have on your environment, what to patch and how to strengthen your security controls and architecture.

WHAT ARE MELTDOWN AND SPECTRE?

In 2017, a small group of elite computer security researchers discovered that they could bypass standard memory protections by taking advantage of two of the many aggressive optimization features present in most modern processor architectures: transient execution and on-chip caching. Transient execution, which occurs in several slightly different forms (such as out-of-order execution and speculative execution), simply means that the processor will execute “speculative” instructions when it has spare time, instead of just sitting idle. A side effect of this execution is that data is prematurely cached on the processor. The result is that a carefully crafted cyber attack can infer the value of this data, bypassing OS and hardware protections.

Although they use similar techniques, Meltdown and Spectre have very different implementations and require different patching and firmware update methods. All these changes come with some level of performance penalty and can fundamentally change the way applications perform across an infrastructure footprint.

WWT’S SOLUTION

Our Meltdown and Spectre Workshop will help you start combating these vulnerabilities right away. During this workshop, our experts will first learn about your environment and then discuss corresponding risks from each threat. Then we’ll cover what to patch now, what to patch later and why, including an analysis of current patching strategies and the effectiveness we’re seeing in the industry.

Additional topics:

  • Detailed presentation of Meltdown and Spectre, especially the differences between the two and the implications for mitigation.
  • Impacts Meltdown and Spectre may have on your applications, virtualized environments, private cloud, public cloud and other systems.
  • How you can strengthen existing security controls and architecture to mitigate the threat from Spectre variants.
  • Identification of specific performance fixes and tuning that can reduce the overall impact after patching or turning off speculative execution.
  • What are some alternate architectures and technologies that can be leveraged to mitigate or lessen risk?

After conducting the workshop, we will deliver a report that summarizes the details of our discussions, identifies your overall exposure and provides recommendations for further improvement. WWT also offers follow-on engagements in the form of security risk assessments and extensive, customer-specific testing of patches for safety and performance in the ATC.