Avoiding technology meltdown

Cyber security with globe

Prevention is the most vital and yet underrated area of crime. If a planned crime is prevented then the impact is not felt and the public don’t know about it.

This is even more the case for cyber security, where few people understand how the technology works in the first place and so are even less likely to be aware of potential threats.

The risk is intangible and for many people, if they can’t see it, it isn’t real. But the after-effects of cyber crime are all too real.

International research teams have been quietly working to identify threats to computer processors, which could expose personal data on a massive scale.

The processor is the main computer chip that does what computer programs tell it to do. Cyber-attacks can involve an attempt at intervention on a computer processor.

The researchers have identified two specific security threats to processors developed over the past 20 years, which they have named Meltdown and Spectre.

Meltdown could allow hackers to access a computer’s applications and steal personal data. It has been described as one of the worst bugs of its type ever found, with the potential to expose sensitive information such as passwords, logins, banking information and credit card details.

Spectre could allow hackers to trick computers into revealing secret information. It is more difficult for hackers to exploit than Meltdown, but also more difficult to fix and it affects all modern processors–laptops, desktop computers, smartphones and even cloud services.

While there is no evidence that hackers have exploited these security vulnerabilities, their nature makes it very difficult to detect exposure. It may be possible for data to be stolen secretly, leaving individual victims unaware.

Lead University of Adelaide researcher Dr Yuval Yarom was part of the team that identified Spectre.

He says reporting the results to companies that produce computer processors has enabled them to issue patches to fix some vulnerabilities.

“Some of the discovered issues will be fixed in future processors. Others are inherent weaknesses and will require changes in the way we write software.”His team’s work helps protect every computer in the world from potential cyber attacks.


 

Featured researcher

Dr Yuval Yarom
Centre for Distributed and Intelligent Technologies
School of Computer Science
Faculty of Engineering, Computer and Mathematical Sciences

Tagged in Defence, cyber and space, cyber security, spectre, meltdown