Few Meltdown, Spectre Malware Attacks Are Being Reported

Today’s topics include security researchers not seeing widespread Meltdown and Spectre attacks; Cisco unveiling its Container Platform supporting Kubernetes; threats to industrial control systems growing; and Microsoft Azure Cloud revenue nearly doubling in the last quarter.

Security testing firm AV-Test reported on Feb. 1 that to date it has seen 139 malware samples related to the Meltdown and Spectre processor vulnerabilities first disclosed on Jan. 3.

The good news, though, is that there are currently no widespread, publicly disclosed malware attack campaigns using the vulnerabilities, and multiple security vendors have active detection capabilities in place.

Michal Salat, threat intelligence director at Avast, said, “There is no real spike. AV-Test reported seeing around 139 samples so far related to the vulnerability, which is very little if we consider that we at Avast see tens of thousands of new malicious files per day.”

Security vendor McAfee is, however, seeing more malware samples related to Meltdown and Spectre than what AV-Test is reporting. Raj Samani, chief scientist at McAfee, estimates the number of samples at over 400.

At the Cisco Live show last week in Barcelona, Cisco officials unveiled the Cisco Container Platform, a software offering based entirely on the open-source upstream Kubernetes container orchestration platform. The move adds to Cisco’s partnership with Docker that enables container deployments on Cisco’s Unified Computing System appliances.

The Cisco Container Platform is another step in the company’s ongoing transition to a role as a software and services vendor, focusing more on subscription sales and recurring revenue.

Kip Compton, vice president of Cisco’s Cloud Platform and Solutions Group, said, “This new solution … helps customers tap into the potential that containers offer. Containers start faster and use less memory than virtual machines. And they make it possible for developers to package applications so they can work in a consistent and predictable environment.”

The number of unprotected industrial control system networks is growing every year, even though they operate and monitor vital production and management systems in factories, warehouses or even office buildings. Increasingly, these ICS networks are connected to corporate networks, which are vulnerable to attacks like the 2013 breach that exposed personal information about 41 million Target customers.

According to a research report by Positive Technologies, more than 64,000 vulnerable internet-accessible ICS components were found in the U.S. in 2017.

Major ICS vendors reported 197 security vulnerabilities last year, more than half reported as critical or high risk, which was a significant increase. Once hackers gain access to a targeted ICS, they can then make their way into attached corporate networks, frequently without any further impediment.

On Jan. 31, Microsoft reported revenue of $28.9 billion for its second quarter of fiscal year 2018, representing a year-over-year increase of 12 percent and beating Wall Street analyst estimates of nearly $28.4 billion. Net income was $7.5 billion, and earnings per share of 96 cents surpassed analyst expectations of 86 cents.

Microsoft’s Intelligent Cloud segment, which consists of Azure, server products and enterprise services, generated sales of $7.8 billion during the quarter. Azure revenue nearly doubled compared to the previous year.

Jack Gold, principal analyst at J. Gold Associates, said he expects “Microsoft to continue to grow the Azure revenues. With increased use of AI for enterprise workloads ... Microsoft is beefing up Cortana for user interface and back-end AI services running on Azure.” Gold added that he expects “the Azure IoT to help with uptake as companies move into the deployment of [internet of things].”