In one of my first posts as a blogger nearly 2 years ago, I discussed the potential for disaster if a compromise in the virtualization platform (hypervisor/VMM) occurred.
Last year (I was intending to comment on this at the time, but it slipped my mind), I was reading the IBM X-Force 2010 Mid-Year Trend and Risk Report. Similar reports are available from other labs; however, this one had a section specifically on vulnerabilities and threats in virtualization.
I still have clients that are skeptical that the threat is real. The data gathered by IBM shows that the threat is real. The report shows several charts over several pages discussing vulnerabilities in virtualization platforms (both desktops and servers).
The chart in Table 5 (page 53 of the report) below really caught my eye. Check out the row that I’ve circled in red. It shows that many (35%!) of the server virtualization vulnerabilities resulted in an escape to the hypervisor, which is described as:
"Vulnerabilities that allow an attacker to “escape” from a guest virtual machine to affect other virtual machines, or the hypervisor itself. In the case of workstation products, these vulnerabilities do not affect the host operating system."
A breach of the virtualization platform which results in an escape to the hypervisor represents a worst-case security scenario. I’ll reiterate what I’ve been saying for more than 4 years:
- The virtualization platform (hypervisor/VMM) is software written by human beings and will contain vulnerabilities. Microsoft, VMware, Citrix … all of them have had, and will have, vulnerabilities.
- Some of these vulnerabilities will result in a breakdown in isolation that the virtualization platform was supposed to enforce. This is not good.
- Bad guys will target this layer with attacks. The benefits of a compromise of this layer are simply too great.
- While there have been a few disclosed attacks, it is just a matter of time before a widespread publicly disclosed enterprise breach is tied back to a hypervisor vulnerability.
What do you do? I’ve written about this extensively for clients. First and foremost, extend your vulnerability and configuration management processes to this layer just as you would for any sensitive OS. In fact, I’d argue that the virtualization platform is the most sensitive x86-based OS in your data center. Treat it as such.
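To make that advice concrete, here is an added example (not from the original post, and not any vendor's tool or API) of the kind of check a vulnerability and configuration management process would run against the hypervisor layer: each host in an asset inventory is compared with a baseline that states the minimum patched build and the hardening settings that must hold. The inventory records, the baseline values, the product name and the setting names are all constructed for illustration.

```python
"""Hypervisor host baseline check (added example, constructed data).

Treats the hypervisor like any other sensitive OS under vulnerability and
configuration management: every host must be at or above a minimum patched
build and must report the expected hardening settings. Field names, the
product name and the baseline values are assumptions, not a real vendor API.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class HostRecord:
    """One hypervisor host as recorded in an asset inventory (constructed schema)."""
    name: str
    product: str      # hypervisor product family, as the inventory names it
    build: int        # installed build number reported by the host
    settings: dict    # hardening settings read from the host


# Constructed baseline: minimum patched build per product, plus the
# configuration values that must hold on every host of that product.
BASELINE = {
    "ExampleHypervisor": {
        "min_build": 1200,
        "required_settings": {
            "lockdown_mode": True,    # management only through the control plane
            "ssh_enabled": False,     # no interactive shell left open on the host
            "ntp_configured": True,   # trustworthy timestamps for log correlation
        },
    },
}


def evaluate_host(host: HostRecord, baseline=BASELINE) -> list:
    """Return the list of findings for one host; an empty list means compliant."""
    policy = baseline.get(host.product)
    if policy is None:
        # A product with no baseline is itself a finding: it sits outside the process.
        return [f"{host.name}: product '{host.product}' has no baseline defined"]

    findings = []
    if host.build < policy["min_build"]:
        findings.append(
            f"{host.name}: build {host.build} is below required minimum {policy['min_build']}"
        )
    for key, expected in policy["required_settings"].items():
        actual = host.settings.get(key)
        if actual is None:
            # A setting the host did not report cannot be assumed compliant.
            findings.append(f"{host.name}: setting '{key}' not reported")
        elif actual != expected:
            findings.append(f"{host.name}: setting '{key}' is {actual}, expected {expected}")
    return findings


def evaluate_inventory(hosts, baseline=BASELINE) -> dict:
    """Map each host name to its findings for the whole inventory."""
    return {h.name: evaluate_host(h, baseline) for h in hosts}


def noncompliant_hosts(hosts, baseline=BASELINE) -> list:
    """Sorted names of hosts with at least one finding."""
    return sorted(name for name, f in evaluate_inventory(hosts, baseline).items() if f)


# Constructed sample inventory: one compliant host, one unpatched and
# mis-configured host, one host that omits a setting, one unknown product.
SAMPLE_INVENTORY = [
    HostRecord("hv-prod-01", "ExampleHypervisor", 1250,
               {"lockdown_mode": True, "ssh_enabled": False, "ntp_configured": True}),
    HostRecord("hv-prod-02", "ExampleHypervisor", 1100,
               {"lockdown_mode": False, "ssh_enabled": True, "ntp_configured": True}),
    HostRecord("hv-prod-03", "ExampleHypervisor", 1250,
               {"lockdown_mode": True, "ssh_enabled": False}),
    HostRecord("legacy-host", "UnknownHypervisor", 1, {}),
]


if __name__ == "__main__":
    for name, findings in evaluate_inventory(SAMPLE_INVENTORY).items():
        print(name, "OK" if not findings else "")
        for finding in findings:
            print("  -", finding)
```

The point of the unknown-product branch is that a host nobody has written a baseline for is not "compliant by default"; it is exactly the kind of gap that lets this layer slip out of the same process the rest of the data center is under.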
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.