Security experts have discovered two major security flaws in the microprocessors inside almost all the world’s computers. The two flaws, called Meltdown and Spectre, could enable hackers with malicious intentions to circumvent a computer’s own controls to reveal the entire contents of that computer’s memory. It is not just desktops and PCs that are at risk here, but also mobile phones, IoT devices, and servers running in cloud computing networks.
Meltdown is the immediate problem because many large companies use cloud computing services like Google, Amazon and Microsoft. Theoretically, a hacker could get space on a cloud service and take advantage of the flaw to access personal information like passwords and photos from other unsuspecting users. Personal computers not attached to the cloud are less vulnerable here because hackers would have to install software on each computer first.
Shortly after these vulnerabilities were revealed, a security patch was released to address the Meltdown flaw. While the patch does fix the issues, it is not perfect. It can slow down computers by as much as 30 percent according to the New York Times (however, it should be noted that these slowdowns are less likely in highly optimized applications). This won’t do for many users who are used to computers operating at the speed of light. All three companies have encouraged their customers to update their own software in the meantime because a potential 30 percent slowdown is still better than a compromised machine.
Spectre has been found to expose core memory in most computers and mobile devices. It affects most processors in use today, although researchers believe this flaw is more difficult to exploit. Unlike Meltdown, there is no quick fix. Fixing the Spectre security vulnerability would require redesigning the processors, researchers have said. Because of this, it will likely be an issue that takes decades to eliminate completely. It is up to chip makers like Intel to address this problem, considering it is a design flaw that has been replicated by many processor manufacturers. A fix might not be available until new chips start hitting the market.
Right now, it is unknown whether hackers have been able to carry out these theorized attacks, as exploiting either flaw leaves no traces. This is leading many businesses to ask what they can do to protect themselves.
As listed in the MITRE cybersecurity framework, there are numerous variations of pentesting, all of which can be tailored to an organization's timeline, expected outcomes, and cyber insurance requirements.
Here at Packetlabs, we execute penetration tests via the following:
DevSecOps: DevSecOps is integrated early in an organization's development cycle and acts as an extension of its development team to flag vulnerabilities within pre-existing detected management systems
Red Teaming: Red Teaming is a full-scope simulated attack designed to get a holistic review of the level of risk and vulnerabilities across people, processes, and tech in an organization
Purple Teaming: Purple Teaming is our collaborative testing exercise where the Packetlabs red team works with a company's internal security operations team (or blue team) to bridge the gap between offensive techniques and response efforts
Cyber Maturity Assessments: A Cyber Maturity Assessment supports the tactical direction of an organization's cybersecurity strategy. As the first step in strengthening its security posture, this assessment generates the roadmap to strengthen its overarching security program
OT Assessments: OT Cybersecurity Assessments simulate the likelihood of an attacker reaching the control centre from an external and internal perspective with production-safe testing
Ransomware Penetration Testing: A Ransomware Penetration Test evaluates the preparedness and risk of a ransomware attack and identifies gaps in people, processes, and technology, to determine the likelihood and readiness for a ransomware attack
Cloud Penetration Testing: Multiple perspectives help with strengthening security posture. These include Cloud Penetration Testing, which simulates an attacker in the environment, and a Cloud Penetration Review, which provides insights into cloud-specific vulnerabilities originating from an insecure configuration. Each of these services can be conducted separately or, for maximum effectiveness, combined as an enhanced cloud security bundle
Objective-based Penetration Testing: Following a preliminary penetration test, objective-based testing conducts a more advanced simulated cybersecurity attack. The test is conducted by persistent ethical hackers who deploy multiphase attacks to gain access to your organization's data so that a company can discover gaps and vulnerabilities unique to their organization (alongside testing their ability to detect and respond to threat actors)
Application Security Testing: More targeted in scope than a regular pentest, Application Security Testing uncovers vulnerabilities residing in web and mobile apps by actively exploring applications from an attacker’s perspective
Infrastructure Penetration Testing: Infrastructure Penetration Testing uncovers vulnerabilities in IT and network systems to provide a tailored approach for each environment
These are all in addition to the Packetlabs Portal, which enables teams to quickly view Packetlabs' findings, prioritize efforts, request retests after remediation, and monitor progress.
Each type of penetration test or assessment can be tailored to a company's specific cybersecurity wants, needs, goals, and pre-existing vulnerabilities.
At Packetlabs, we recommend an “always on” approach to cybersecurity; ad-hoc or even annual analysis is just not enough in today’s digital climate. We offer IT security consulting services to help you protect your organization’s most valuable assets – intellectual property and customer data. Contact us today to learn how you can protect your organization from threats like Meltdown and Spectre.