Privacy Perils: Avoiding the Spectre of a Meltdown

January 26, 2018
Firm Publication

You recently may have heard news reports regarding new security threats known as “Meltdown” and “Spectre.” Not to be mistaken for the latest Hollywood box-office offering, these new threats allow attackers to exploit a design flaw in microprocessors (i.e., the chips that power your computer, tablet, smartphone or other electronic devices) to access and steal data stored in the working memory of shared servers and individual devices vulnerable to attack. (For more information, Red Hat has provided an easy-to-follow video of how Meltdown and Spectre could impact you.) Put simply, the flaws allow an illicit actor to dig through the data dumpster for your device in hopes of discovering something valuable like user names and passwords. To date, no companies or government cybersecurity agencies have reported any significant breaches related to these new threats. Nevertheless, many software and hardware companies have moved quickly to roll out software patches and updates aimed at preventing or mitigating the threat of these exposed flaws.

To help mitigate your exposure, software and hardware companies are strongly encouraging individuals to install the latest patches or updates made available to you. It is important that you proactively install any such updates on your personal computers, smartphones, tablets, etc., especially if updates are not automatically pushed to your respective devices. (Some reports have indicated that the haste to push these patches and updates may, in some instances, cause bigger problems than the flaw itself. However, until clearly advised otherwise by the author of the patch, best practice is to install, rather than forestall, updates.)

Privacy Perils imageCheck out our series, Privacy Perils, to learn what steps you can take to guard your personal and company data. For more information about this topic and other cyber security concerns, please contact Bob Brewer, Tony McFarland, Elizabeth Warren or a member of our Privacy & Data Security team.