Microchip flaw leaves PCS open to hacking
Millions of computers using Intel microchips are prone to hacking because of a flaw that went unnoticed for a decade. It was warned that the flaw could allow hackers a “persistent and undetectable backdoor” into computers. Intel chips appear in almost all PCS and other technology. Industry experts also said that a fix being developed to repair the flaw could slow down devices running the chips by up to 30 per cent.
MILLIONS of computers using Intel microchips are prone to hacking because of a flaw that went unnoticed for a decade, it has emerged.
Software companies are working on the issue but industry experts warned a fix could slow devices running the chips by up to 30 per cent.
The flaw could allow hackers a “persistent and undetectable backdoor into someone’s computer”, Mike Godfrey, a cyber expert at Insinia Security, told The Daily Telegraph. It grants access to a computer’s kernel, which runs and stores every function on the device, and means an outsider could bypass antivirus or firewall security software. It could allow malicious software to steal passwords and files or cryptographic keys.
The National Cyber Security Centre, an arm of GCHQ, advised people to install updates when they became available.
“We are aware of reports about a potential flaw affecting some computer processors,” a spokesman said. “At this stage there is no evidence of any malicious exploitation and patches are being produced for the major platforms.”
Intel chips appear in almost all personal computers and other technology. Most mobile phones are not affected.
Financial institutions and businesses with large IT infrastructure may have been compromised for several years, Godfrey added. Train systems and autonomous cars also use the chips.
Intel had reportedly warned software vendors including Microsoft, Amazon and Apple, who are believed to be creating a workaround to fix the flaw. But this fix could make computers 30 per cent slower, according to technology website The Register.
Matthew Hickey, security expert and co-founder at My Hacker House said: “The real problem is for companies trying to support customers on their servers. Hypothetically, if a company once had capacity to support 100,000 users, that number may drop to 70,000. It could have real cost implications for businesses that have been using or intend to use cloud technology and Intel servers.” The bug has
‘If a company once had capacity to support 100,000 users, that number may drop to 70,000’
been known to security workers for some time, but was not due to be publicly disclosed until software giants had issued a patch, so that the details could not be exploited by criminals.
The fixes are expected to be released next week.
Hundreds of millions of devices could be affected.
Intel last night denied the flaw was “unique” to its products. It said: “Based on the analysis to date, many types of computing devices – with many different vendors’ processors and operating systems – are susceptible to these exploits. Intel is committed to product and customer security and is working closely with many other technology companies … to develop an industrywide approach to resolve this issue promptly and constructively.”