You know how all reports on Meltdown and Spectre say that no exploits have been seen in the wild? Well…:
A cyber security flaw generating international alarm has enabled an attempted cyber attack in the Yukon, according to IT service provider Tangerine Technology.
“Meltdown” is one of two recently-publicized security vulnerabilities in a computer’s processor that hackers can exploit to access data – including passwords and other sensitive information.
Together with a similar security flaw, known as “Spectre,” almost every modern computer is vulnerable, the Washington Post reported today.
Cloud networks and smartphones are also at risk.
A Tangerine Technology press release issued this morning details one Yukon client’s experience with an attempted Meltdown hack.
“Sensitive data was extracted from a desktop computer and an attempt was made to transmit that data to the internet,” Tangerine Technology’s Martin Lehner said in the press release.
“Thankfully, the client had multi-layered computer security in place and the attack was eventually mitigated.
“But, nonetheless, we have actually seen this flaw attempted to be exploited right here in the Yukon.”
The territory’s remoteness shouldn’t lull Yukoners into a false sense of security, Martin Lawrie, Tangerine Technology’s vice-president, said in the press release.
“It doesn’t matter where you are, physically, on the planet. Everywhere is reachable from everywhere else with the click of a mouse.”
The security flaws are found in Intel, AMD and ARM processors.
They comprise “virtually 99 per cent” of every modern computer currently in use, Lehner told the Star this morning.
“This is probably one of the largest flaws, major security flaws, that’s been seen in the modern day, because it virtually affects everybody.”
When you’re working on a computer, open data are held in the processor’s memory, he explained. The flaws expose this data to potential hackers.
As for what options exist to patch the flaws, Lehner said, it’s a waiting game for now.
Most of the public is just learning of the vulnerabilities.
High-level industry players, however, have known about them for months, and have actively been working on fixes, Lehner and media sources report.
These fixes will likely come in the form of operating system and security updates for Macs, PCs, smartphones, and other smart devices, according to Lehner.
Device owners can check for these and complete the updates on their own as they become available.
In the interim, Lehner advised owners to make sure that any anti-virus and security software is up to date.