David Firth @ Siemans talks about it:
One of the great benefits of virtualisation as mentioned is the pooling of resources with the ability to re-deploy VMs ‘on the fly’. It is easy to create ‘Gold’ master VM images and replicate these as needed to increase computing resources. VM’s can be deployed instantly and shuffled around the infrastructure in a similar way as transferring files, however managing change and introducing security into this mix becomes incredibly complex.
Attacks on virtualised systems have so far been few and far between mainly due to only recent adoption, however the number of installed systems is set to double by 2012 and proof of concept attacks are already in existence. Attacks on virtual systems can come from an extension of older forms of attack such as Denial of Service (DoS), buffer overflows, spyware, rootkits and/or Trojans – all prone to lurk beneath guest operating systems.
Additionally new specific attacks include those from worms, guest hopping, Hypervisor malware and Hyperjacking all involving the Hypervisor itself being exploited and used to subvert each VM it controls. As the volume of virtualised software increases more exploits will be written and they in turn will become increasingly insidious (potentially compromising several VM systems at once).
In the recent rush to deploy virtualisation technologies, cost and mobility have been the top priorities and many other implications (such as security, integration, management etc..) have still to be worked out. Existing security technologies typically revolve around static and IP based controls (be they firewalls, IDS’s, VLAN’s etc..) however with the erosion of technology tied to a particular location, the tracking of IP or static based identifiers is no longer sufficient, indeed most network and admission control technologies are not virtualisation aware.
See the full article here and you will see Siemens and others ay the InfoSecurity in April.
Comments
Post a Comment