Analysis of virtualization making systems more vulnerable to hacker attacks
Author: Eve Cole
Update Time: 2009-07-24 15:45:41
Virtualization technology enables multiple operating systems to run application software on the same computer. Because it allows IT resources to be managed and used more efficiently, it has attracted the attention of IT managers.
However, some IT managers and security researchers are warning companies that adopting virtualization brings technical problems that will make corporate systems more vulnerable to hackers.
IT security and compliance programs for virtual machines are far more complex than for servers running a single operating system and application software, said Chad Lorenc, a technical security officer at a financial services company.
"Currently, it is impossible to find a single solution to solve the security problem of virtual environments. Instead, we must consider it from multiple perspectives such as customers, processes, and technology."
Virtualization technology allows enterprises to consolidate application software that was running on multiple systems onto a single server, which simplifies management and makes better use of IT hardware resources. Although the technology has been around for many years, IT companies have only recently taken a serious interest in it, and companies such as Intel, AMD, VMware, Microsoft and IBM have developed many products for it.
George Gerchow, a technology analyst at a security firm, said that before moving their IT architecture to virtualization tools, enterprises must understand that consolidating multiple servers onto one does not change their security needs.
In fact, he noted, each virtual server faces the same threats as a traditional server. "If one host is vulnerable, then all virtual guest machines and the enterprise applications on those virtual machines are also at risk," George said.
Therefore, a server running a virtual machine faces more dangers than a physical server.
He noted that virtualization software makes it easy for developers, quality assurance groups and other enterprise users to create virtual machines, and is less prone to technical vulnerabilities. If IT managers don't keep control, such virtual machines can pop up, be moved between systems, or disappear entirely.
"IT departments are often unprepared to deal with this complex system because they don't understand which server the virtual machines live on, or which one is running and which one is not." Because they don't understand the virtual machines' operating conditions, companies often cannot patch or upgrade systems when necessary.
The complexity of patching systems
Even if IT staff do understand what's going on with the virtual machines, they still face the problem of installing patches or taking systems offline to perform routine security upgrades. As the number of virtual machines grows, the risks associated with system patches and application software upgrades grow with it.
Lorenc recommends that enterprises install tools that can quickly inspect and discover virtual machines when creating virtual servers. He also suggested that enterprises introduce strict policies to control the growth in the number of virtual machines. At the same time, it is very important for IT managers to have a clear understanding of how each application in the enterprise operates in the virtual environment. Enterprises should establish separate patching processes for virtual machines and create strict change management policies while limiting access to virtual environments.
We are still at the stage where we must mature some of the operational processes in this area ourselves through improved management and technology.
Lloyd Hession, chief security officer at BT Radianz, said virtualization also reveals a potential network access control issue. He noted that this technology allows different application servers with different access requirements to run on a single host with a single IP address. IT managers should therefore use appropriate access control methods to ensure that each network access permission corresponds to a specific virtual server on a host.
Currently, most networks are not virtualized. Many network admission control technologies make their "let in" and "keep out" decisions without knowing whether a server is a virtual machine or not.
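The controls Lorenc recommends (discovering virtual machines, limiting their spread, patching them on a separate process) and the access-control problem Hession describes (guests with different access requirements behind one host IP) both come down to reconciling what is actually running against what the IT department has approved. The following script is an added example, not code from the article or from any vendor it mentions; the discovery results, the registry, the patch baseline and the access classes are all constructed sample data, and the field names are assumptions.

```python
"""Reconcile discovered virtual machines against a registry of approved ones.

Constructed example: the inventories below are made-up sample data, not output
from any real tool. DISCOVERED stands for what a VM discovery scan returns
(guest name, host, host IP, guest patch level, access class); REGISTRY stands
for the approved VM list the IT department maintains (name -> approved host).
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Guest:
    name: str
    host: str          # hypervisor host the guest was found on
    host_ip: str       # address shared by every guest on that host
    patch_level: str   # constructed "YYYY-MM" baseline string; compares lexically
    access_class: str  # "internal" or "dmz" in this sample


# Constructed sample: what a discovery scan of two hosts returned.
DISCOVERED = [
    Guest("erp-app", "host-a", "10.0.0.5", "2009-07", "internal"),
    Guest("hr-db", "host-a", "10.0.0.5", "2009-05", "internal"),
    Guest("web-front", "host-a", "10.0.0.5", "2009-07", "dmz"),
    Guest("qa-scratch", "host-b", "10.0.0.6", "2008-11", "internal"),
]

# Constructed sample: the approved registry. "legacy-fs" is registered but was
# not found by discovery; "qa-scratch" was found but was never registered.
REGISTRY = {
    "erp-app": "host-a",
    "hr-db": "host-a",
    "web-front": "host-b",
    "legacy-fs": "host-b",
}

REQUIRED_PATCH_LEVEL = "2009-07"  # constructed baseline


def unregistered(discovered, registry):
    """Guests found by discovery but absent from the registry (VM sprawl)."""
    return sorted(g.name for g in discovered if g.name not in registry)


def relocated(discovered, registry):
    """Registered guests running on a host other than the approved one."""
    return sorted(g.name for g in discovered
                  if g.name in registry and registry[g.name] != g.host)


def missing_from_discovery(discovered, registry):
    """Registered guests that no longer show up anywhere (possibly deleted)."""
    found = {g.name for g in discovered}
    return sorted(name for name in registry if name not in found)


def behind_on_patches(discovered, required):
    """Guests whose patch level is older than the required baseline."""
    return sorted(g.name for g in discovered if g.patch_level < required)


def mixed_access_hosts(discovered):
    """Host IPs behind which guests of different access classes sit, so a
    network admission decision keyed on the IP cannot tell them apart."""
    classes = {}
    for g in discovered:
        classes.setdefault(g.host_ip, set()).add(g.access_class)
    return sorted(ip for ip, seen in classes.items() if len(seen) > 1)


def report(discovered=DISCOVERED, registry=REGISTRY, required=REQUIRED_PATCH_LEVEL):
    """Collect every finding into one dictionary for review or alerting."""
    return {
        "unregistered": unregistered(discovered, registry),
        "relocated": relocated(discovered, registry),
        "missing": missing_from_discovery(discovered, registry),
        "unpatched": behind_on_patches(discovered, required),
        "mixed_access_hosts": mixed_access_hosts(discovered),
    }


if __name__ == "__main__":
    for finding, names in report().items():
        print(f"{finding}: {', '.join(names) or 'none'}")
```

Run against the sample data, the report flags the unregistered scratch machine, the web front end that has moved to a different host than approved, the registered file server that discovery can no longer see, the two guests behind the patch baseline, and the host address that fronts both internal and DMZ guests. In practice the two inventories would come from the hypervisor management API and the configuration database, and each non-empty finding would feed a ticket or alert.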
Security experts have also noticed that expanded capabilities in virtualization tools from major vendors have given hackers and security researchers a trove of untapped code from which to discover security vulnerabilities and ways to attack systems.
This month, Microsoft released a patch to address a flaw in its virtualization software that could give users uncontrolled access to operating systems and applications, a flaw it rated as important but not critical.
Security experts say that as virtualization technology becomes more popular, more such vulnerabilities will appear in software packages.
Possible defects
Kris Lamb, director of the X-Force group in IBM's Network Systems Department, regards virtual machine monitors, the control layer of virtualization management systems, as a powerful potential platform for attacks on virtual machines.
As the boundary between the hardware and the different virtual machines on a host, the virtual machine monitor uses a console to manage host resources.
According to security experts, such control software sits at a layer close to the hardware, beneath the operating system, and can be used to launch attacks on operating systems and application software that are very hard to detect. Security researchers say they have demonstrated how control software can be used to attack virtual machines. For example, researchers from Microsoft and the University of Michigan presented SubVirt earlier this year, a rootkit that installs a virtual machine monitor beneath an operating system. This gave the researchers complete control of the virtual machine.
A similar attack method called Blue Pill was developed by Joanna Rutkowska. Rutkowska's rootkit is based on AMD's secure virtual machine technology, code-named Pacifica. It attacks virtualized systems in a way similar to SubVirt, but in a way that IT personnel cannot detect.
For hackers, such software provides a target.