9 Dangers of Using Aging Hardware
Chipmaker Intel recently announced that it won’t issue updates to fix the security vulnerability called “Spectre” in some of its processors.
According to Intel, the following processors, won’t receive an update for Spectre: Bloomfield line, Clarksfield, Gulftown, Harpertown line, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale line and Yorkfield Line.
The processors not supported by Intel for Spectre update are older chips, some more than 5 years old and some are even more than 10 years old. The only exception to the list is the processor SoFIA 3GR which was released in 2015.
Spectre is a security vulnerability that affects, not just Intel, but also most of the modern computer processors and operating systems. This security vulnerability enables computer programs to steal critical data processed on a computer.
Spectre refers to 2 security vulnerabilities, officially named CVE-2017-5753 and CVE-2017-5715. This vulnerability was independently discovered by Jann Horn of Google Project Zero and Paul Kocher.
In January 2018, Google Project Zeropublicly disclosed this security vulnerability. Prior to the public disclosure, on June 1, 2017, the researchers privately informed Intel and other chipmakers AMD and ARM about this vulnerability.
Intel’s decision not to issue security updates for Spectre for its older chips shows the danger of using aging computer hardware. The words “computer hardware” refer to the collection of physical parts of a computer. The phrase “aging computer hardware”, meanwhile, refers to computer parts that may be meeting current needs but pose certain risks.
Physically, some processors are functional even though they’re decades old. Even though these aging processors are working, there are dangers of using them. Here are 9 hidden dangers of using aging computer hardware:
1. Lack of Vendor Support
Some hardware vendors for aging hardware may no longer exist or have closed shop, as such, no one has the knowledge or resources to issue updates.
2. Skills Shortage
When an aging hardware is compromised in any way, it’s hard to fix it as only a few staff or contractors have the necessary skills to remedy the problem.
3. Regulatory Compliance
Outdated hardware may be difficult to update to comply with changing industry standards, laws and regulations.
4. High Maintenance Cost
Maintenance cost for aging computer parts is high due to few service providers, maintenance difficulty and parts scarcity.
5. Access to Data Problem
It’s time-consuming and complex to access and analyze data stored in aging computer hardware.
6. Difficult to Meet Client Expectations
Today’s clients want fast and 24/7 service. Aging hardware simply can’t cope with their expectations, leaving them frustrated, angry and could result in client departure.
7. High Energy Cost
Aging hardware are typically not energy efficient and difficult to modify to reduce their environmental impact.
8. Disaster Recovery Problem
If your organization is using an aging hardware, once disaster hits, it’s hard to recover data.
9. Cybersecurity Vulnerability
The exposure of older Intel processors to Spectre as a result of Intel’s decision not to issue a security update is an example of the danger of using an aging computer hardware.
The older the hardware is, the more it’s vulnerable to cyberattacks. There are two types of cybersecurity researchers. The first type of security researcher is one that finds security vulnerabilities in a particular hardware and reports this information directly to the concerned vendor for the vendor to issue an update to fix the problem.
The second type of security researcher is one that finds security vulnerabilities but doesn’t report this to the vendor concerned. Instead, the researcher, popularly known as a hacker, uses this information for his or own use or share this information with fellow hackers to cause destruction or to extort money – typically asking for Bitcoin payment. Hackers mostly prefer aging hardware as vendors most likely have stopped providing security updates.
Every day, hackers and ethical security researchers are locked in battle who can first discover security flaws.
Public disclosure of security vulnerabilities, meanwhile, has its negative side, that is, this is used by hackers to simply copy the code, release it to the wild, hoping that it would infect unsupported hardware.
Regarding Spectre, there have been no reports that this security vulnerability has been exploited into the wild. According to the security researchers who discovered this vulnerability, they simply don’t know whether or not this vulnerability has been exploited.
One of the reasons for the lack of data of Spectre’s exploitation into the wild is because this security vulnerability is difficult to detect. According to the researchers responsible for discovering Spectre, it’s difficult to detect Spectre as it doesn’t leave any traces in traditional log files. An antivirus also has a hard time detecting this vulnerability as it’s difficult to differentiate between an error-free computer program from Spectre.
Hardware made during the days when cyberattacks were unheard of can’t be assumed that it isn’t vulnerable to cyberattacks. Even as cybersecurity wasn’t a design issue then and cyberattacks were invisible or rare, attacks on aging hardware, especially if the vendor stopped providing security updates, can’t be discounted.
Compared to larger organizations, small and medium-sized enterprises (SMEs) are least likely to upgrade their aging hardware. The reasons why SMEs avoid hardware upgrade is understandable as this is an additional cost. But if we factor in the above-mentioned dangers like the potential of cyberattacks as a result of aging hardware, failure to recover data after a disaster, high maintenance and energy cost, all these could burden your organization more.
SMEs that have aging hardware and overall aging IT systems aren’t likely to succeed in today’s digital economy where cybersecurity and efficiency are seen as essential components.
At GenX, we offer IT infrastructure services, including updating your organization’s aging hardware.