Hardware failure can lead to 70% breakout in Cloud / virtualization setup

cosmic raysGoogle released details on how an attacker can take advantage of the physical design and setup of some memory chips in computers. This exploit basically is based on setting and releasing a charge on one memory block to the point it leaks over to the neighbor block (simplifying here). Stated another way – Imagine cutting an onion and then using the same knife to cut a tomato… the taste of the onion would definitely transfer to the tomato, ask any toddler 😉

  • What does this mean to enterprises – well it is early, but this type of risk to an organization should be addressed and covered in your third party supplier / procurement security team. Leading organizations are already vetting hardware vendors and the components included in each purchase to prevent malicious firmware and snooping technology.
  • In addition, the supplier team managing all of the deployed cloud and virtualization relationships (your Cloud Relationship Manager) should begin a process of reviewing their provider evaluations.

Of course this is a new release and the attack is not simple, but that doesn’t mean it won’t and could not occur.

The attack identified by Google plus the virtualized environment creates a situation where an attacker “…can design a program such that a single-bit error in the process address space gives him a 70% probability of completely taking over the JVM to execute arbitrary code” – Research paper

Given the probability of success, it is definitely valuable to have this on your risk and supplier program evaluations.

Here is the full analysis by Google and the virtualized research paper.

Best,

James DeLuccia

d

To

Advertisements

One response to “Hardware failure can lead to 70% breakout in Cloud / virtualization setup

  1. Pingback: 1p – Hardware failure can lead to 70% breakout in Cloud / virtualization setup | Profit Goals

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s