Five Best Practices for an Incident Response Plan
Use these five best practices to create or update an IT security incident response plan.
Intel: Meltdown and Spectre Security Vulnerability
What is the story?
News was made known of a fundamental design flaw in modern Intel processor chips, being dubbed as two distinct bugs: Meltdown and Spectre. The chip-level security bug(s) are said to exploit protected kernel memory areas. This vulnerability allows hackers to potentially use malware to reveal the contents of kernel memory.
What is US Signal doing?
US Signal has completed a full audit of its compute infrastructure across all data centers and is immediately performing available VMware ESXi patches to mitigate the vulnerabilities on all remaining hosts pertaining to its Cloud Services. The remaining maintenance activity will begin today and is projected to be completed within 24 hours. The necessary work is less than expected, as US Signal’s routine infrastructure maintenance has already mitigated nearly 50% of the exposure.
What should customers do?
Guest operating systems still need to be investigated and patched. Microsoft has made available an emergency patch release this week outside of the typical Patch Tuesday via a standard Windows Update. US Signal advises its customers to follow best practices with this release. Customers should also make special note of any anti-virus software currently deployed as it could be incompatible with the Microsoft patch and cause further issues.
Are there any additional impacts?
Experts say that the critical patches put in place are expected to trigger an Operating System (OS) performance degradation. The performance hit is due to the OS patch moving the kernel to a completely separate address space in order to remedy the security vulnerability. The projected impact could be a 5-30% degradation. US Signal is currently running thorough tests in order to derive benchmark expectations. Depending on the application, the potential performance hit could vary. If customers determine that more compute resources are deemed necessary to compensate for the OS performance loss, please reach out to the Technical Operations Center at [email protected] or 888.663.1700 to either process a rapid upgrade or discuss the best course of action.
What’s next?
US Signal will continue to keep customers up-to-date on any required actions related to this industry-wide vulnerability. Cloud Service Providers and Enterprises alike are all affected by this exploit. We are confident that we remain in a position to best support our customers keeping their data security as an utmost priority.
Should customers have any questions or concerns, please contact the Technical Operations Center at [email protected] or 888.663.1700.
Related Blog Posts
Expand from Network Security to Cloud Security
Learn how to expand from on-prem network security to cloud security with these best practices and resources.
Safer Internet Day Starts with Strong IT Security
Safer Internet Day offers a reminder of steps your organization can take to enhance its IT security and combat DDoS attacks and other forms of cybercrime.