Welcome to 2018; we’re only three days into the new year and there are already two major security issues making headlines.
First off, it’s been discovered that a design flaw in certain Intel processors creates potential security holes in Linux and Windows kernels. While hardware presents a different element of user and data security, this particular case demonstrates how deeply this can impact anyone using a chip-powered device (which is pretty much everyone using a device, which is pretty much everyone).
In this case, data on users’ devices, as well as networking information, is potentially vulnerable because all manner of operations are conducted through these processors. It’s a huge issue because it requires a fix at the OS level, or alternatively, customers can buy and install new processors that do not have the flaw. Either way, it’s no small thing first to find out that you’re working with a potentially exposed piece of hardware, and secondly, to fix the issue before it becomes critical.
The best case scenario is that the kernel will be exploited through malware and other hacking attempts that are not necessarily targeted at specific data. At worst, however, various applications and authorized users can gain access to the kernel and read the content being held within its memory. These kernels have been designed not to be exposed to other processes or programs because they can contain passwords, cached files, and other highly sensitive data. With access, however, this data can be made available and potentially shareable.
Among the many problems for users is that they won’t necessarily know much about their hardware and may not know if they are using the flawed processor. Intel will have to deal with this on a massive scale; at this point it isn’t known how many people this affects, but considering the ubiquity of Intel chips in devices, it’s likely going to take a huge effort to fix. There’s certainly more to come on this, as we will undoubtedly begin to hear of security breaches and hacks that result from this particular issue.
Secondly, it was just discovered that almost 250,000 confidential files about Homeland Security Department employees were compromised in 2014. In addition, files of non-employees that were part of HSA investigations were breached. The Inspector General’s office, which discovered and disclosed the issue, has verified that the information all included personal data, but did not offer a great deal of information beyond that.
The Inspector General did not specify precisely how the information was leaked, but indicated it was not due to “unauthorized exfiltration.” This leaves many lingering questions, among them: if the data wasn’t exfiltrated, how did it get moved beyond an HSA environment? Additionally, how will HSA prevent this from happening again, and what safeguards are they using to identify vulnerabilities across all their data?
Is this the new normal? According to some, it’s not only the new normal, but it’s simply scratching the surface of what we can expect to see in the coming months as hackers increase the number of attacks and seek more creative channels into your data.
We’ve already identified a variety of expected security issues that will create problems for cloud customers in 2018, and while we know things are going to get worse before (and if) they get better, there is no better time to begin getting your cloud in order. We encourage you to get “cloud fit” and take steps to gain control over your cloud.