Atom Bomb(s)




Over the course of this week various news outlets began to report and further investigate issues with Intel’s Atom C2xx chips. These low power CPUs appear to suffer from a hardware fault which renders them useless after roughly eighteen (18) months of service.

You should care because this family of CPUs is widely used across network platforms and peripherals. Effected product lines include security platforms (Cisco ASA, pfSense Netgate), Switching platforms (Cisco Nexus, Broadcom Trident II), industrial routing components (Cisco 809) and possibly Network Storage. The list of products will likely only grow over time as vendors investigate the issue and report on effected products.

What Should You Do Now?
  • Keep Up to Date – you should look to ensure that your engineering and infrastructure people are aware of this issue and are monitoring the situation for updates.
  • Identify your risks – with the information available now and as more information is released, look to identify platforms and services at risk. Review your contingency plans and be prepared to use them. Ensure to include your entire inventory of effected products in this assessment, including spares, DR and BCP stocks.
  • Contact Your Support Provider – if you have 3rd party support in place consider reaching out to ensure they are aware of the issue and ask them what steps they are taking.
  • Consider contacting your vendors – consider proactively reaching out to your vendors. Whilst the big names are currently dominating the discussion, consider reaching out to any smaller, lesser known vendors you employ. 
Sources
ExtremeTech: 
https://www.extremetech.com/computing/244074-intel-atom-c2000-bug-killing-products-multiple-manufacturers
The Register: 
https://www.theregister.co.uk/2017/02/03/cisco_clock_component_may_fail/ 
https://www.theregister.co.uk/2017/02/07/intel_atom_failures_go_back_18_months/
ServeTheHome:
https://www.servethehome.com/intel-atom-c2000-series-bug-quiet/



Popular posts from this blog

Tools & Techniques - Cloud Firewalls (DigitalOcean)

PCI-DSS: Your CDE may be getting bigger

WAR GAMES - Simulating Security Incidents