Thu | Feb 22, 2018

Wheatley urges vigilance against Spectre and Meltdown computer problems

Published:Friday | January 5, 2018 | 12:08 PM

Minister of Science, Energy and Technology, Dr Andrew Wheatley is urging local businesses, government agencies and individuals to be vigilant in light of recent vulnerabilities found in microprocessors.

He said the latest vulnerabilities, dubbed Spectre and Meltdown which affects devices that use Intel, AMD or ARM microchips/processors, must be taken very seriously as it impacts mobile devices, laptops, workstations and servers.

The hardware vulnerability, which was discovered by researchers from academia and Google, highlights a microprocessor flaw that if exploited could allow an attacker to gain access to sensitive data in ways previously unheard of, Wheatley said in a release.

“As a country we must take this situation seriously,” he said.

“Small and large businesses, hospitals, utility companies, telecommunication firms, entities in the health, finance and insurance sector must all take the necessary steps to secure and update their computer systems to mitigate against any attack that may result from these two vulnerabilities,” Wheatley added.

He said the latest vulnerability has prompted software and hardware giants to issue security updates and patches to mitigate any immediate issues.

Dr. Wheatley is assuring the country that the Jamaica Cyber Incident Response Team (JaCIRT) has been monitoring the situation and has sent advisories to all ministries, departments and agencies on the practices that must be employed to mitigate against exploitation.

The JaCIRT has been working round the clock with local stakeholders, international partners and with private sector experts to lead any needed response, the Minister said.

The Minister said JaCIRT has suggested two basic steps that should be followed in an effort to mitigate against exploitation of the vulnerability:  Ensure systems are patched as soon as the patches are released by vendors, and ensure all software to date as at January 5, 2018 and constantly updated as vendors release updates.

Dr. Wheatley said that currently there has been no reported case of either of the vulnerabilities being exploited in Jamaica.

However, with the release of the vulnerabilities into the public domain “we need to ensure that all protective measures are put in place,” the Minister said.

- business@gleanerjm.com