Texas A&M AgriLife IT Security: Latest IT news & tips to keep your computer safe

Archives for January 2018

January 2018 Security Considerations

January 24, 2018 by SecurityTeam

With the January 3rd announcement of the side-channel MELTDOWN/SPECTRE vulnerabilities and the resulting impact on billions of devices, it seems IT Security is 35 points behind at the start of the 4th quarter and the other team knows we are throwing long on every play. Clearly, everyone associated with technology – from processor engineer to student worker racing to a workstation with a browser pop-up announcing the user has “won” an Amazon gift card – now knows they have a long-term role in IT Security.

We aren’t in the 4th quarter!

IT security takes a game plan. In the frenzy of an announcement, we sometimes lose sight of the greatest risks. Let’s take MELTDOWN. It is not in the wild. It would take intrusive software on the device to exploit this vulnerability that security researchers discovered. It has even been said that it takes a statistical probability, either over a long period of time or across many devices, to successfully map memory through the vulnerability and then plant an exploit. Guess what? It is even harder when a user reboots 🙂 The NIST National Vulnerability Database rates these as medium-risk vulnerabilities with a low exploitability score. Contrast that with ransomware, which is high risk and has double the exploitability.

So what’s the game plan? If I were the lone IT support with 300 end-user devices and a handful of servers, I would expect to spend 30 hours a month on IT Security and compliance. Some of this time each month is not just patching, scanning, and fighting AV and packet-sniffing alerts but also educating users (THAT REMAINS THE GREATEST RISK), increasing security via automation, and getting rid of legacy security “holes” (like too many local administrators and old OSes). We’re not going to lose this game! We are only at half-time, and while a little behind, we have a good game plan of USER EDUCATION, vulnerability management, patch management, more security automation, and our all-SEC running back.

So what to do about MELTDOWN/SPECTRE? Intel has said that if the OS is patched, MELTDOWN does not really require firmware. Of the two variants of SPECTRE, both Intel and flip-flopping AMD have announced they still must complete a firmware that addresses one of the variants. It will be weeks before that firmware is out. Chrome is about to release a browser version that purposely slows down direct cache processing to close the timing hole that can be exploited via the Chrome browser. Part of risk management is knowing your high-value targets. That means the first things to patch are servers with lots of credentials in memory. In February, when there is a long-field-tested, stable firmware, test the firmware on one low-impact system and then apply it to high-value targets.

There is a lot of information on these exploits, but one of the best references is Intel itself. At the link below, Intel lists what it and other vendors, from Acer as an OEM to Microsoft to Ubuntu, are doing. Now let’s go out there on the field and take the lead!

Intel Side-Channel Updates
