We Are All Affected, Worldwide
The chip used in most computers, workstations and electronic devices has a dangerous flaw that makes the electronic device vulnerable to cyber criminals. The flaw makes electronic devices susceptible to malicious software called Meltdown and Spectre. The Department of Homeland Security warns that the vulnerability will be cured only when new chips are available and installed. However, a representative of the leading chip maker Intel, says software and firmware patches should be available from chip manufacturers to correct the flaw at some future date.
Apple is warning its customers that Iphones, Ipads and Macs are vulnerable but is working to correct the flaw with patches and updates. Google, Microsoft and others have created and made some updates available and are working to create more security patches to address the risks.
Take Action Immediately
What can you and must you do now?
Check all your devices and install all available software patches and updates.
Keep checking for updates regularly. This guidance from the Department of Homeland Security includes links to vendor advisories and patches published in response to the Meltdown and Spectre.
Beware of phishing emails that promise Meltdown or Spectre solutions. This is a common cybercriminal tactic, to take advantage of the fear created when a major security flaw is publicized. Think Before You Click. It is believed that the Spectre malware in particular is distributed when unsuspecting users click on a link in an email or malicious advertising.
In some cases organizations may want to install an ad blocker. Ads are a common entry point for hackers. Individuals should consider installing ad blockers on all their personal devices.
For more in-depth information, a good article aimed at general audiences can be found here from PCWorld.
In Healthcare, Full HIPAA Compliance is a Good Defense
A Risk Analysis and Risk Management Plan required by HIPAA helps health care providers and business associates create defenses against security breaches by raising awareness, providing workforce training and creating an inventory of equipment and data, with an action plan for preparation, prevention, response and recovery. The HIPAA E-Tool® has everything needed to provide the strongest defense possible.