Spectre and Meltdown Highlight Online Banking and Digital Gold Risks
– Critical hardware flaw breaks basic security: risks to online banking & digital assets
– Nearly all computers worldwide, smartphones and other devices – exposed to major security risk
– Two separate security flaws identified in devices powered by Intel, ARM and AMD chips
– Vulnerability known about for six months by tech insiders
– Cyber crime represents the biggest transfer of economic wealth in history
– Cyber crime damage costs to hit $6 trillion annually by 2021
– All digital assets and information at risk
– Crypto currencies, digital assets including gold exposed
– Physical gold’s benefits highlighted
Editor: Mark O’Byrne
The Spectre and Meltdown double whammy this week underlines the increasing risks in the global computing infrastructure and our online banking and digital asset world of banking and finance.
On Wednesday, came news that anyone who uses a computer, smartphone, tablet etc has been introduced to the concept of ‘hacked hardware’. Two separate security flaws, named ‘Meltdown’ and ‘Spectre’ have been identified in devices powered by Intel, ARM and AMD chips. The flaws make pretty much any device hackable.
Not only are our ‘things’ affected but data centres and devices that connect to the cloud are also at risk.
The problem was identified by Google engineers and has been known about for approximately six months. Whilst no attacks taking advantage of these security flaws have yet been identified, we are talking about an unprecedented number of computers, devices, people and companies, including banks, being exposed.
The BBC estimates that ‘for personal computers alone: there are 1.5 billion in use today (desktop and laptop combined) and around 90% are powered by Intel chips, IDC estimates. That means exposure to the Meltdown bug is potentially huge.’
Meltdown affects laptops, desktop computers and internet servers with Intel chips. However, Spectre is an arguably bigger threat. It affects chips powered by Intel, ARM and AMD. in smartphones, tablets and computers.
Why is this a big deal?
The weaknesses leave any device with affected chips vulnerable to both hacking and slowdown in performance. The flaw could give cyberattackers unauthorized access to sensitive data.
This is scary as for years users have been used to warnings by the tech industry that there are security holes in software. These are regularly taken advantage of by hackers. But we are now exposed to a flaw in hardware. Hardware troubles are arguably much harder to fix and newer impossible to replace given their extensive presence around the world.
Scott Borg, director of the U.S. Cyber Consequences Unit, is most concerned about hardware vulnerabilities over software ones. He sees the biggest threat in industry.
Borg recently spoke at Stanford University and explained the shift in hackers’ mentality:
“Initially,” he said, “[hackers] focused on operations control, monitoring different locations from a central site. Then they moved to process control, including programmable logic controllers and local networks. Then they migrated to embedded devices and the ability to control individual pieces of equipment…You can imagine countless attacks manipulating physical things,”
Why are hackers turning to hardware over software? Surely software has a greater reach? No, argues Borg. The decision to move to hardware is purely economic. Stock manipulation is a key way cyberattackers can take advantage of a hardware malfunction.
“There is a limit to how much you can steal from credit card fraud; there is no limit to how much you can make in taking a position in a market and making something happen,” Borg says. “You can short a company’s stock in a highly leveraged way, then attack the company in a way that makes stock fall, reinvest on the way