ZombieLoad: The Poster Child for the Need to Encrypt Memory Contents
By Ameesh Divatia, CEO and co-founder | May 16, 2019
The new Intel chip flaw, ZombieLoad, harkens back to the Meltdown and Spectre attacks, where we saw that security features implemented in processors are just as vulnerable as those implemented in software and can just as easily leave our data accessible to hackers. The new potential chip attacks exploit the same speculative execution process that was central to Meltdown and Spectre.
These processor vulnerabilities make the job of protecting data in environments not controlled by the data owner, such as cloud, particularly challenging. Even if the data is protected in-flight (SSL) and on-disk (TDE, SED), the data remains in the clear in memory when it is being processed by the database server and thus completely exposed to attacks that allow sensitive data to be extracted from memory.
Intel said patches to the microcode (which are projected to cause a 20-40 percent performance degradation) will help clear the processor’s buffers, preventing data from being read. But that’s the problem: clearing memory contents is not the fix – keeping the contents encrypted is.
The more secure approach is to encrypt any data that leaves the trust boundary using a standard algorithm, such as AES, and keep it encrypted at all times even when it is stored in machine memory and while being processed by the CPU. This renders any exposure irrelevant as the only data that is exposed is encrypted. Adoption of such ground-breaking innovation is the answer to this persistent data breach threat and the constant tradeoffs between security and performance.
Some might say that as long as you don’t use any cloud services, online social media, or web-based email service, you have nothing to fear. First, that’s not possible in this day and age and second, on-premise environments are just as vulnerable, sometimes more so. The reality is that there are gaps across multiple threat vectors and data will continue to be stolen and leaked across multiple channels until a more data-centric approach is taken. There has been a litany of these types of vulnerabilities and the scope of the potential exposure continues to grow.
Want to learn more? Watch our 90-second video on how Baffle can operate on encrypted data without any application code modifications.