In one of my first posts as a blogger nearly 2 years ago, I discussed the potential for disaster if a compromise in the virtualization platform (hypervisor/VMM) occurred.
Last year I read the IBM X-Force 2010 Mid-Year Trend and Risk Report (I had intended to comment on it at the time, but it slipped my mind). Similar reports are available from other labs; this one, however, had a section specifically on vulnerabilities and threats in virtualization.
I still have clients that are skeptical that the threat is real. The data gathered by IBM shows that the threat is real. The report shows several charts over several pages discussing vulnerabilities in virtualization platforms (both desktops and servers).
The chart in Table 5 (page 53 of the report), shown below, really caught my eye. Check out the row that I’ve circled in red. It shows that many (35%!) of the server virtualization vulnerabilities resulted in an escape to the hypervisor, which the report describes as:
“Vulnerabilities that allow an attacker to ‘escape’ from a guest virtual machine to affect other virtual machines, or the hypervisor itself. In the case of workstation products, these vulnerabilities do not affect the host operating system.”
A breach of the virtualization platform which results in an escape to the hypervisor represents a worst-case security scenario. I’ll reiterate what I’ve been saying for more than 4 years:
- The virtualization platform (hypervisor/VMM) is software written by human beings and will contain vulnerabilities. Microsoft, VMware, Citrix, … all of them have had vulnerabilities and will have more.
- Some of these vulnerabilities will result in a breakdown of the isolation that the virtualization platform was supposed to enforce. This is not good.
- Bad guys will target this layer with attacks. The benefits of a compromise of this layer are simply too great.
- While there have been a few disclosed attacks, it is just a matter of time before a widespread publicly disclosed enterprise breach is tied back to a hypervisor vulnerability.
What do you do? I’ve written about this extensively for clients. First and foremost, extend your vulnerability and configuration management processes to this layer just as you would for any sensitive OS. In fact, I’d argue that the virtualization platform is the most sensitive x86-based OS in your data center. Treat it as such.