Two vulnerabilities in computers made within the last 20 years could compromise financial advisers’ cyber security.
The weaknesses, called Spectre and Meltdown, allow hackers to use “rogue applications” to read confidential information that is stored in the memory of other applications, Kamino (a subsidiary of Midwinter) said in a statement.
“The vulnerabilities, when exploited, could lead to exposure of sensitive information such as passwords and confidential data on the affected computers,” the statement said.
“Financial planning and accounting industries will be highly vulnerable to this attack.”
The Meltdown vulnerability is the easier of the two to exploit, the statement said, but this affects only Intel computer processors and patches to protect against the vulnerability are available.
Spectre affects all computers, and patches to guard against attacks are still being developed, the statement said, however it is much harder for hackers to exploit than Meltdown.
Kamino cautioned that while these vulnerabilities do not present an “immediate danger”, advisers should make use of available patches for their computer systems as soon as possible, and that those using cloud-based shared infrastructure will need to confirm with their cloud provider that those same patches have been applied as necessary.