Intel has announced that its next generation of mobile processors, dubbed Tiger Lake, will arrive with malware protection built into the chip, courtesy of its novel CET technology.
Intel has been working on CET (Control-flow Enforcement Technology) since 2016 when it first introduced the version 1 of the CET specification.
CET is designed to protect against the malicious use of legitimate code through control-flow hijacking attacks, which is widespread in many types of malware. Intel believes that addressing the attack at the chip level will prevent it from taking place and will also stop resources from being used up by such attack.
"As an opt-in feature in Windows 10, Microsoft has worked with Intel to offer hardware-enforced stack protection that builds on the extensive exploit protection built into Windows 10 to enforce code integrity as well as terminate any malicious code," David Weston, director of Enterprise and OS Security at Microsoft explained.
Malware attacks are not at all new, but the most common being performed by hackers are those called "fileless" attacks. These attacks are done by injecting malicious code directly into the memory, which antimalware software may fail to detect since they look for binary, executable apps running from a hard drive.
By reinforcing the chip's hardware, malicious attacks can be decreased. It acts as another layer of protection that will prevent attacks from becoming successful and destroy the infrastructure of an organization.
While Intel's new design presents advantages, experts believe there are downsides to it as well, as with most types of technology.
According to Malek Ben Salem from Dublin-based security firm Accenture, the integration of a security feature into hardware has one enemy, which is performance degradation, whereas there is more flexibility when working with software. When working with software, it's possible to deploy it on more architectures as well.
The best way to make use of this technology is to not embrace it too fast and take every aspect of it with caution. It's a fairly new technology, which means everybody should make sure it's configured adequately for it to work. It's also important not to expect CET to do all the work in stopping malware.
There are still many questions about security that CET is yet to address. Intel has not revealed every detail about its new Tiger Lake mobile processors, either. CET has big potential, though, and the challenge lies in how organizations use it to its fullest potential.
