A global security issue affecting 80% of laptops and 90% of desktops worldwide has been discovered this month, resulting in a worldwide scramble from the Tech Industry to fix the problem and mitigate consumer concern.
In light of the growing global concern over this issue, Aviso EIA Insurance Brokers is advising all its clients to take immediate action to review and mitigate the risk to your business by;
- Understanding the problem
- Maintaining and updating your computer operating systems by applying new security updates as soon as possible
- Ensuring you have Cyber Insurance policies in place.
Understanding the problem
According to Google, there are three separate serious security flaws that can potentially expose your private and confidential data stored on a computer. The flaws are within the “speculative execution,” technique used by most modern processors (CPUs) to optimize performance.
The issues have been categorized as;
Current reports suggest that while Meltdown can be patched, no such fixes currently exist for Spectre.
“Malicious actors or criminals could take advantage of speculative execution to read system memory that should have been inaccessible e.g. an unauthorised party may read sensitive personal information in the system’s memory such as passwords, encryption keys, or sensitive information open in applications.”
The company that produces the most widely used CPU for computers, mobiles and devices, – Intel – has confirmed the problem is industry wide but says for malware to compromise security using these exploits, the hacker must have direct access to the system.
However, where customers are using a virtual network the whole system can be compromised by one infected computer.
Naturally, there is rising global speculation about the severity of the issue – specifically around the potential performance impacts on servers and public cloud environments.
In Australia, businesses will be subject to the new Notifiable Data Breaches (NDB) Scheme with effect from 22nd Feb, 2018 which will require businesses to advise customers if they have suffered an eligible data breach.
Systems affected include; Intel, Microsoft, Apple, AMD, Google, ARM and Linux Kernel.
Maintaining and updating your operating systems by applying new security updates where appropriate
Microsoft, Apple, Google and Amazon have all responded to the issue and released security patches.
For more information about this visit the following resources
Review your cyber insurance policies
Cyber Insurance can protect you from losses incurred from
- Data breaches
- Failure to protect private information
- Damage caused by computer hacking
- Compensation for business interruption for loss of services not performed
Contact Aviso EIA Insurance Brokers today to arrange a quote or to review your current policy.