Stuck at the airport after two consecutive JetBlue flight cancellations (and hoping the third isn’t cancelled as well), I ran across this recent article on a publicly documented and confirmed hypervisor attack – this time on the hypervisor used in the Sony PS3 (in this cases using a hardware-based timing attack). A different exploit (not based on hardware timing) was publicized last year on Microsoft’s Xbox.
This doesn’t mean that hypervisors are inherently insecure. The lesson? If the target is attractive enough, the bad guys will find a way to break in. In the case of a gaming console, it’s about stealing intellectual property in the form of games. In the case of our data centers, it’s also about stealing our intellectual property, just in a different form.
And like the gaming consoles, it would be a mistake not to assume that the x86 virtualization layer we are installing in our data centers won’t be subjected to similar types of intense scrutiny for vulnerabilities. But, unlike the gaming consoles, don’t expect the hacker that steals your stuff to post it on a public web site for fame and glory. Today’s attacks are targeted and stealthy. Many times, you don’t know you’ve been hit until well after the fact.
Further, I’d argue that these x86-based virtualization platforms we are putting in our data centers are the most critical x86 workload we are responsible for and should be protected accordingly. I provide pages of specific recommendations on how to do this in this research note for clients.
By the way, the free WiFi , seating and power jacks in JetBlue’s new Terminal 5 at JFK made the delays a bit more tolerable, but it was clear that it is still not prepared in terms of staffing and communications for significant disruptions from weather.