Advertisement

Tutorials

Home Guides Advanced Article

Best Practices to Protect Your Data from Meltdown and Spectre

Industry Best Practices to Protect Data from Meltdown and Spectre

Not rated
Rate:

John Scutz
May 17, 2018


John Scutz

My name is John Scutz and I am a technology enthusiast at Adeptia Inc. As an active participant in the IT industry, I often like to talk about data, integration, and how technology is helping businesses realize their potential

John Scutz has written 1 articles for CGIDir.
View all articles by John Scutz...

There is a lot of fear-mongering in the IT realm about Meltdown and Spectre. The twin vulnerabilities were discovered on January 3 in computer processors used by many PCs, smartphones, and data hubs. “The security flaws have raised questions about the security of private data, passwords and exchange reserves. Here are some vulnerabilities which have provided a new attack surface for hackers and best practices to avoid them.”

 

What are Meltdown and Spectre?

Meltdown and Spectre are two vulnerabilities that were discovered by Intel, AMD, and ARM by Google Project Zero, Technical University of Graz, Austria, and Cyberus Security. The bugs are called as the most catastrophic vulnerabilities ever discovered. The attackers can run programs to steal subjects personal information, email, data, private keys, etc.

 

Meltdown & Spectre

The flaw resides in a functionality called ‘Speculative Execution’ that accelerates clock speed of CPUs. This functionality uses cache memory and behavioral data to accelerate the speed of processors. While processing data, the cache memory gets access to protected data on RAM. The cache memory stored in processors becomes vulnerable to threat attacks.

 

Defending Data from Spectre and Meltdown

 

The flaws residing in the hardware are nearly impossible to fix. Once the system is breached,  It is impossible to trace the attacks and understand which part of data has been compromised. But the attacks can be avoided with some best practices.

 

Update systems: Software patches and microcode updates are available to protect against these vulnerabilities and experts recommend users to update and accommodate these fixes. The users should consider storage options for safeguarding data safely. Staying updated with the latest patches will help users in keeping the threats away.

 

Avoid using browser-based password managers: Modern day browsers use pre-built tools to store passwords. Users should refrain from storing password in these tools as the metamask is vulnerable to attacks. A dedicated application to store password will make it difficult for hackers to hack passwords stored in them.

 

Keep the private keys or passwords off: It is always a wise decision to keep the keys off when you are not trading exchange reserves or funds. Another good practice while handling funds is to not to leave them on exchange for a long time. Experts also urge users to turn the private keys off when they are not in use.

 

Avoid clicking external links: Users should avoid clicking external links in mails and websites. In this way they can prevent the download of external malware.

 

Consider a paper or hardware storage option: Paper and hardware wallets are the best bet and they ensure better security. Hardware wallets like Trezor and Ledger provide robust security options against malware. They are pretty hard to breach. Another similar best practice is not storing the sensitive data on the cloud.

 

Related Blog:Adeptia Response to the Meltdown and Spectre Vulnerabilities

Users can mitigate most threats by adhering to these best practices and staying vigilant. To an extent, these practices will make the data safe. But users can expect Intel to unveil some more CPU flaws in the future. Staying updated and attentive to changes will help us in safeguarding the virtual assets.


Add commentAdd comment (Comments: 0)  

Advertisement

Partners

Related Resources

Other Resources

image arrow