Skip to content

Industry Insight: Another Intel Security Flaw? How This Foreshadows Delays for 5G.


On 8/14/2018, Intel revealed another security flaw has been exposed called “Foreshadow”, whereby a botnet could bypass the safeguards and create a “shadow copy” at an unprotected location of the computer’s CPU rendering Intel’s security measures inert.

Currently this vulnerability is only for Intel’s SGX-based CPUs: Skylake and Kaby Lake used in many Xeon Server deployments.

In January, Intel revealed two separate flaws, named Spectre and Meltdown, that also exploit the same performance-boosting method called speculative execution (pre-loading computing instructions anticipated), which can be exploited to steal data from supposedly protected processes.

What is concerning with newer 5G nano-data centers being planned by Communications Service Providers, CSPs, is these vulnerabilities could be leveraged to attack data centers by breaking the security boundaries between one client’s application or virtual machine and another. For instance, a hacker could use a variant of Foreshadow to log into a cloud service and potentially read memory from another user or application hosted on the same server.

NFV (network function virtualization) is a key enabler of the new 5G architectures leveraging nano-datacenters at the edge of the network helping to virtualize all the various appliances in the network.  In particular, new functions called “network slicing” enable multiple virtual applications to be created atop a shared physical infrastructure.

While inter-application firewalls may mitigate this new security threat, ideally complete separation of user applications from network applications on distributed physical infrastructure may be the preferred approach in the interim until Intel develops a complete solution solving the Foreshadow and other processor-level vulnerabilities.

Implications for Business Leaders

Today’s CSPs embarking on the 5G journey will need to address the vulnerabilities that have been uncovered in their nano-datacenter deployments leveraging NFV.  Operators will need to maintain complete security across their networks while enabling greater flexibility in the network infrastructure in delivering new, virtualized 5G applications and functions while stabilizing management complexity.

Operators also need to clearly recognize the new category of security threat that is represented by Meltdown, Spectre and now Foreshadow.  CISOs, CTOs and CIOs need to think of security holistically and consider new approaches to de-risk these processor-level threats.  The C-Suite and the board need to understand the significant risks that processor-level vulnerabilities such as Foreshadow will have on their business and on their digital strategy.

This material may not be copied, reproduced, or modified in whole or in part for any purpose except with express written permission or license from an authorized representative of neXt Curve. In addition to such written permission or license to copy, reproduce, or modify this document in whole or part, an acknowledgement of the authors of the document and all applicable portions of the copyright notice must be clearly referenced.

If you would like to engage with a neXt Curve analyst on this topic, please:

If you would like to be notified of our latest research by email, please:

Related Content

Subscribe to neXt Curve!

By subscribing to the neXt Curve site you will registered with our reThink research blog and have an opportunity to engage with one of the most vibrant and independent discussions on our digital future. As a subscriber, you will receive newly published research articles and content as well as invitations to exclusive events by mail.

By subscribing you acknowledge and accept the terms of neXt Curves privacy policy.

Request an Inquiry

Send us an email

Request a Briefing