I mentioned in one of my previous blog posts that the number one argument against cloud adoption is that of data security. When you have your own data centre or an on-premises machine, you know exactly where the data is residing and you are completely in control of protecting it.
When you go the multi-cloud route, you are sharing hosts, networks and storage with other tenants, and the cloud provider shares the responsibility of data protection with you. For a number of people, storing (and/or processing) data on a virtual machine has the same risks as swimming in a public pool. We have discussed the benefits of virtual machines a number of times in the past, so let’s focus on the risks in this blog post.
A hypervisor, or virtual machine monitor, is the software (often with firmware and hardware support) that splits one physical host into several virtual machines and keeps them isolated from each other. If you are a noob like me, think of it as the layer that lets your VM and other tenants’ VMs run on the same physical server in the provider’s data centre while deciding which guest may touch which memory, CPU time and I/O. Most VM compromises start inside the guest, through the services and credentials you expose, but an attacker who gains control of the hypervisor (or of the physical servers beneath it) is behind every virtual machine on that host at once, which is why the hypervisor deserves its own attention.
While hypervisor attacks are not as common as more conventional cyber-attacks, more and more organisations are moving towards a multi-cloud strategy, and it’s not like data hosted on the cloud has never been compromised, so you need to know how to protect your virtual machines.
Vulnerabilities in the Hypervisor
Third-party APIs and management interfaces are among the first routes attackers try on the way to your hypervisor: the hypervisor’s own management API, the cloud control plane, and every third-party tool (backup, monitoring, automation) that holds credentials for them. Each integration is another network-reachable endpoint and another set of credentials, so the more of them you have, the larger the exposed surface. You may not be able to reduce the number of third-party applications you need, but you can limit what each one can reach: give every integration its own least-privilege credential scoped to the resources it actually uses, restrict management endpoints to trusted networks, and rotate or revoke keys when a tool is retired.
Code that Doesn’t Take Security Into Consideration
The amount of code in the hypervisor matters, particularly the low-level parts: the assembly and the VMX-related code (Intel VT-x) that handles transitions between guest and host. More code means a larger attack surface and, in practice, more bugs than a small, focused code base. Similarly, a hypervisor written without security as a design goal will be more vulnerable than one whose guest-facing interfaces (instruction emulation, device models, hypercalls) were designed and reviewed on the assumption that guests are hostile.
Rogue Hypervisor Add-Ons
While the Azure hypervisor and others come with a lot of add-ons, you may require additional features that force you to choose other add-ons. An add-on that runs with the hypervisor’s privileges and was not built with security in mind, or that is a rogue add-on which intentionally opens a backdoor for attackers, will prove disastrous for your virtual machines: it sits below all of them and is trusted by all of them. Install only add-ons from sources you trust, verify what you install (signatures, checksums), and keep their number to a minimum.
What Kind of Attacks Can You Expect?
Denial of Service (DoS): In a Denial of Service (DoS) attack, the attacker tries to overwhelm your system by flooding it with a large number of (often malformed) requests, or, in the virtualised case, uses one guest to exhaust shared resources such as CPU, memory or I/O bandwidth, or to crash the hypervisor itself. The host spends its resources on the attacker’s traffic and becomes unavailable to your real users and to every other VM on that host.
Privilege Gain: After exploiting a vulnerability, the attacker ends up with privileges they should not have, either inside the guest, where they act as an authenticated user, or, in the worst case, on the hypervisor or host, which amounts to a VM escape. The damage they can do depends on what those privileges can reach, which is why the rights you grant to users, service accounts and integrations matter.
Information Gain: The attacker reads data they are not entitled to, such as configuration, credentials or, in the hypervisor case, memory belonging to another guest. Even when that access is read-only, it is rarely the end of it: what is learned is used to pick the next vulnerability to exploit.
Apart from these, you can also expect the following:
- Stack overflow
- Memory Corruption
- HTTP response splitting
- Directory Traversal
- Cross-Site Scripting
- Cross-Site Request Forgery
- Bypass of a security restriction (the odd phrase ‘Bypass something’ is the label CVE Details uses for this class)
For a detailed account of these attacks, you should check out this academic paper by Alan Litchfield and Abid Shahzad of Auckland University of Technology.
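The categories above are impact classes, and the paper cited here arrives at them by sorting published vulnerability records. As an added example (not code from the original post or from the cited paper), the script below does the same sort mechanically: it parses each record’s CVSS v3 base vector, maps it onto the DoS / privilege gain / information gain classes used in this post, and flags the vectors whose shape matches a guest-to-host escape (scope changed from a local or adjacent attack vector). The records, ids and product names are constructed placeholders, not real CVEs, and the escape heuristic is this example’s own triage rule rather than a definition from the paper.

```python
"""Classify hypervisor vulnerability records by impact from their CVSS v3 vectors.

Added example; not code from the original post or from the cited paper. The records
below are constructed sample data in the shape a CVE feed exposes (an id, the affected
product and the CVSS base vector). Ids and product names are placeholders, not real CVEs.
"""
import re
from collections import Counter

# A CVSS v3.0/3.1 base vector: 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'
VECTOR_RE = re.compile(r"^CVSS:3\.[01]/(?P<metrics>(?:[A-Z]{1,2}:[A-Z]/?)+)$")
REQUIRED = {"AV", "AC", "PR", "UI", "S", "C", "I", "A"}


def parse_cvss(vector: str) -> dict:
    """Parse a base vector into {'AV': 'L', 'AC': 'L', ...}.

    Raises ValueError on malformed input so a bad feed row is reported rather than
    silently counted as 'no impact'.
    """
    m = VECTOR_RE.match(vector.strip())
    if not m:
        raise ValueError(f"not a CVSS v3 base vector: {vector!r}")
    metrics = dict(part.split(":") for part in m.group("metrics").rstrip("/").split("/"))
    missing = REQUIRED - metrics.keys()
    if missing:
        raise ValueError(f"vector lacks metrics {sorted(missing)}: {vector!r}")
    return metrics


def classify(metrics: dict) -> set:
    """Map a parsed vector onto the impact classes used in the post.

    dos        - availability impact (A) is not None
    info_gain  - confidentiality impact (C) is not None
    priv_gain  - integrity impact (I) is not None: the attacker can change state
    vm_escape  - scope changed (S:C) from a local or adjacent vector, the usual shape of a
                 guest-to-host break-out; a triage heuristic, not a formal definition
    """
    classes = set()
    if metrics["A"] != "N":
        classes.add("dos")
    if metrics["C"] != "N":
        classes.add("info_gain")
    if metrics["I"] != "N":
        classes.add("priv_gain")
    if metrics["S"] == "C" and metrics["AV"] in ("L", "A"):
        classes.add("vm_escape")
    return classes


# Constructed sample feed: placeholders, not real vulnerability identifiers.
SAMPLE_RECORDS = [
    {"id": "sample-1", "product": "hypervisor-A",
     "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},   # full guest-to-host escape
    {"id": "sample-2", "product": "hypervisor-A",
     "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},   # guest-triggered crash
    {"id": "sample-3", "product": "hypervisor-B",
     "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},   # remote information leak
    {"id": "sample-4", "product": "hypervisor-B",
     "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},   # cross-guest memory read
    {"id": "sample-5", "product": "hypervisor-B",
     "vector": "not-a-vector"},                                    # malformed feed row
]


def summarize(records):
    """Return (impact-class counts, escape candidates per product, rejected ids)."""
    counts = Counter()
    escapes = {}
    rejected = []
    for rec in records:
        try:
            classes = classify(parse_cvss(rec["vector"]))
        except ValueError:
            rejected.append(rec["id"])
            continue
        counts.update(classes)
        if "vm_escape" in classes:
            escapes.setdefault(rec["product"], []).append(rec["id"])
    return counts, escapes, rejected


if __name__ == "__main__":
    counts, escapes, rejected = summarize(SAMPLE_RECORDS)
    for name, n in sorted(counts.items()):
        print(f"{name:10s} {n}")
    print("escape candidates:", escapes)
    print("rejected rows:", rejected)
```

Run against a real feed, the escape-candidate list is the one to read first: a record in that bucket is a bug where one tenant’s guest can reach the host, and therefore every other guest on it, which is exactly the scenario the rest of this post is about. Rejected rows are returned rather than dropped so that a malformed entry cannot quietly disappear from the count.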
How To Handle These Hypervisor Attacks
Once a hypervisor attack succeeds, the attacker will act quickly and every virtual machine on that host is at risk. In some cases, they may hold your data ransom and ask you to pay up lest they make it public. In other cases, their attack will leave you with downed servers that you need to get up and running as soon as possible. In either case, there isn’t much you can do at the moment of attack beyond executing an incident-response plan you prepared in advance and restoring from backups you already verified. When it comes to hypervisor attacks, prevention is better than cure. Here’s how you can prevent hypervisor attacks:
Always Keep An Eye Out For Hypervisor Updates
You need to patch the hypervisors to defend them against the latest threats. If you are using Microsoft Azure, the hypervisor itself is Microsoft’s responsibility: they perform periodic updates to the physical infrastructure as well as the hypervisor software. Be clear about where that responsibility stops, though. The provider patching its hosts does not patch your guest: the operating system, agents and applications inside your virtual machine, and the credentials you use to manage it, remain yours to update and protect, so keep a patch schedule for the guest just as you would for an on-premises server.
Be Extremely Careful With Access Privileges
This is in connection to the earlier section about privilege gain. In most incidents the attacker inherits exactly the access of whichever account or integration they compromised, so grant every user, service account and third-party tool only the role it needs, scoped as narrowly as possible (role-based access for everyone, no standing owner rights), and review the assignments regularly. That limits what a stolen credential or a compromised guest can do. Be honest about the limit, too: if the hypervisor itself is compromised, the attacker is below your access controls and can reach every guest on that host regardless of roles, so least privilege mainly contains the far more common credential and guest compromises rather than a full hypervisor break-out.
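As an added example (not code from the original post, from Microsoft or from the Azure CLI), here is a small audit that applies the least-privilege rule above to role assignments. It uses the field names found in `az role assignment list` output (principalName, principalType, roleDefinitionName, scope), but the assignments themselves are constructed samples with placeholder ids, and the policy it enforces is this example’s choice: no Owner, Contributor or User Access Administrator at subscription or management-group scope, no broad role on a service principal, and group-based rather than direct user assignment at broad scope. It also serves the third-party API point made earlier in the post, since an integration’s service principal holding Contributor across a subscription is precisely the credential an attacker goes after.

```python
"""Flag over-broad Azure RBAC role assignments before an attacker can use them.

Added example, not code from the original post, Microsoft or the Azure CLI. The
assignments below are constructed sample data using the field names of
`az role assignment list` output; subscription and object ids are placeholders.
"""
import re

# Roles that grant control over VMs (and usually everything else) at their scope.
BROAD_ROLES = {"Owner", "Contributor", "User Access Administrator"}
SUBSCRIPTION_SCOPE = re.compile(r"^/subscriptions/[^/]+$")
MGMT_GROUP_SCOPE = re.compile(r"^/providers/Microsoft\.Management/managementGroups/[^/]+$")


def scope_level(scope: str) -> str:
    """Classify an ARM scope string as management_group, subscription,
    resource_group, resource or unknown."""
    if scope == "/" or MGMT_GROUP_SCOPE.match(scope):
        return "management_group"
    if SUBSCRIPTION_SCOPE.match(scope):
        return "subscription"
    parts = scope.strip("/").split("/")
    if len(parts) >= 4 and parts[0] == "subscriptions" and parts[2].lower() == "resourcegroups":
        return "resource_group" if len(parts) == 4 else "resource"
    return "unknown"


def audit(assignments):
    """Return findings as (principal, role, scope, reason) tuples; an empty list is a pass."""
    findings = []
    for a in assignments:
        principal, ptype = a["principalName"], a["principalType"]
        role, scope = a["roleDefinitionName"], a["scope"]
        level = scope_level(scope)
        # A broad role at a broad scope is the classic 'one stolen key owns the estate'.
        if role in BROAD_ROLES and level in ("management_group", "subscription"):
            findings.append((principal, role, scope, "broad role at broad scope"))
        # Automation credentials leak; they must never carry Owner/Contributor.
        if ptype == "ServicePrincipal" and role in BROAD_ROLES:
            findings.append((principal, role, scope, "automation identity holds broad role"))
        # Direct user grants at broad scope bypass group-based review and offboarding.
        if ptype == "User" and level in ("management_group", "subscription"):
            findings.append((principal, role, scope, "direct user assignment; prefer a group"))
    return findings


# Constructed sample assignments (placeholder ids, not a real tenant).
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE_ASSIGNMENTS = [
    {"principalName": "ops-team@example.com", "principalType": "Group",
     "roleDefinitionName": "Virtual Machine Contributor", "scope": SUB + "/resourceGroups/prod-vms"},
    {"principalName": "alice@example.com", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": SUB},
    {"principalName": "backup-integration", "principalType": "ServicePrincipal",
     "roleDefinitionName": "Contributor", "scope": SUB},
    {"principalName": "monitoring-agent", "principalType": "ServicePrincipal",
     "roleDefinitionName": "Reader",
     "scope": SUB + "/resourceGroups/prod-vms/providers/Microsoft.Compute/virtualMachines/web01"},
]


if __name__ == "__main__":
    for principal, role, scope, reason in audit(SAMPLE_ASSIGNMENTS):
        print(f"{principal:25s} {role:12s} {scope_level(scope):17s} {reason}")
```

To run it on a real subscription, feed it the JSON from `az role assignment list --all -o json`. Each finding is fixed the same way: create the narrow assignment first (for example `az role assignment create --role "Virtual Machine Contributor" --scope <resource-group id> --assignee-object-id <group id> --assignee-principal-type Group`), confirm the tool or team still works, then delete the broad one. The ops-team entry in the sample is what a good assignment looks like: a group, a task-specific role, a resource-group scope.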
Going multi-cloud is all the rage in the cloud computing industry these days, and that’s because of its many benefits. One of those benefits is that your data is stored (and processed) in multiple locations, under different providers’ hypervisors. A compromise of one provider’s host does not reach the copies held elsewhere, so you end up with multiple hypervisors and contingencies, and you can design the layout so that no single hypervisor is a single point of failure for your data.