A Closer look at Processor Vulnerabilities

The past few years has been rough on processor security, this especially for Intel as one of the biggest processor vulnerabilities Meltdown and Spectre was for nearly all their modern CPUs.  Although patches came out almost immediately to solve these issues, this was just the start to the security vulnerabilities as other attacks such as MDS (Microarchitectural Data Sampling) have been popping up.  So why are these vulnerabilities and security flaws only now coming to light?  These issues actually are quite complex and would need a further understanding of the advances of CPU technology such as the following below:

  • L1/L2/L3 caches
  • Speculative execution
  • Pipelines and buffers
  • Hyper-Threading

If you are unfamiliar with the above technologies, they basically function as ways to help improve the speed of the CPU.  In theory, without these components, we could have a much more secure processor at the cost of performance.  Vendors are caught in a predicament of wanting to increase performance but also have to consider the security implications of newer technology.  This shows in the patches for recent vulnerability fixes which brought performance down of the CPU by 5-30%.  The latter number can be alarming but does not usually affect home users as the 30% is more frequent for servers.

Although vendors are still working on improving their security to prevent future vulnerabilities from happening, there are still ways to make sure that your data is protected like adding an additional layer of security.  With the help of 3rd party security vendors such as Trend Micro can help with products such as Deep Security through virtual patching.

To get a more in depth understanding of the processor vulnerabilities, you can refer to this article here.  To learn more about Trend Miro Deep Security, you can visit our page here or contact us directly at 893-9515 and we will be more than happy to answer your inquiries!

Server Security: Ransomware & Advanced Attacks

Business IT environments are now at bigger risks as more and more malware, such as Ransomware, are becoming more sophisticated.  The results of malware gaining access to your IT environment could lead to as much as disruption of your business operations – mainly your service, productivity, and more importantly – your reputation.  Cyber criminals do this through business process compromise (BPC), halting your access to business critical applications and data which can last for days if not months..

Contrary to common belief that cyber threats are an endpoint issue, ransomware and other advanced attacks are also focused on your servers.  Servers are high value easy targets for cybercriminals due to the combination of readily available infrastructure via the public cloud and the increased speed of application delivery to create competitive advantage.  Server and endpoint security hugely differ in the sense that the applications and operating systems that run enterprise workloads in the data center, in the cloud and even in containers can be extremely dynamic.

Fundamentals DO matter – Patching

As servers are the driving force that pushes any business forward, tasked with housing your most valuable data, it is only natural that cybercriminals would start targeting it – whether it’s on premise or in the cloud.  Cybercriminals will take advantage of vulnerabilities found on your servers. A good example of this is the recent WannaCry Ransomware attack a few weeks ago which leveraged on a Microsoft Windows SMB vulnerability to inject itself onto servers and endpoints.  OS Patching is the best solution to these as to prevent the attack from executing. However, there are many reasons why servers are left unpatched one of which is server downtime.  It is estimated that enterprise firms take an average of 250 days for their IT (205 days for retail businesses) to fix the software flaws in their enterprise applications.

Layered Security

Hybrid Cloud infrastructures are complex, and these complexities can have gaps which can be exploited.  So what can be done to prevent situations such as compromised endpoints accessing a vulnerable file server?  Here is where advanced server security solutions such as Trend Micro Deep Security comes in.  Designed to protect workloads across physical, virtual, cloud and container environments with host-based security to shield servers from a wide range of threats.  With its range of cross generational security techniques, it will be able to enable you to easily:

  • Stop network attacks and shield vulnerable applications & servers, leveraging Intrusion Prevention (IDS/IPS) and firewall techniques;
  • Lock down systems and detect suspicious activity on servers, using techniques like application control and integrity monitoring that have been optimized for the hybrid cloud; and
  • Prevent malware and targeted attacks from successfully infiltrating your servers, leveraging proven anti-malware and advance techniques like behavioral analysis & sandboxing

Learn more about Trend Micro Products from our product page here!