
One of the most significant obstacles facing cloud services in their brief but influential history has been the perception that the technology is inherently less secure than onsite, legacy alternatives. That view has rested on opinion and anecdote as much as on anything else, but a recent analysis by information security specialists at Context may supply some objective evidence for it.
Last month, Context researchers conducted an exhaustive assessment of four major cloud providers and published a related whitepaper covering subjects ranging from business use cases to service level agreements and data security risks. The researchers have since revealed the identities of the cloud providers whose systems were placed under the microscope and flagged a series of infrastructure weaknesses that could be quite prevalent in the field.
Not surprisingly, the issue concerns the resource sharing and multi-tenancy that are central to cloud infrastructure. According to the report, the researchers exploited a systemic weakness in storage isolation: virtual disks handed to a new tenant had not been wiped, so their previous contents remained readable. This gave the researchers access to the so-called "dirty disks" of other customers in the same cloud environment. These remnants contained information ranging from fragments of customer databases to system details that could enable a capable attacker to take control of neighboring servers.
"In the cloud, instead of facing an infrastructure based on separate physical boxes, an attacker can purchase a node from the same provider and attempt an attack on the target organization from the same physical machine and using the same physical resources," Context research and development manager Michael Jordon explained. "This does not mean that the cloud is unsafe – and the business benefits remain compelling – but the simplicity of this issue raises important questions about the maturity of cloud technology and the level of security and testing undertaken in some instances."
As Jordon explained in an interview with TechTarget, hackers could essentially purchase a virtual machine from a cloud provider through legitimate means and then read and copy data remnants left in the newly provisioned storage space by former tenants. They could then refine this technique to increase the speed of data collection via automation, or train their tools to locate select materials such as credit card numbers or login credentials.
The issue was first identified on a Linux server hosted by cloud provider Rackspace, which has since fixed it following the test. VPS.NET, a separate participant in the study, has reportedly addressed the issue as well, although Context researchers were unable to confirm that claim with additional testing.
Digging a bit deeper to add perspective to the study, Context analysts found that VPS.NET is built on OnApp technology, a proprietary platform used by more than 250 cloud providers around the world. OnApp confirmed that its policy is to offer wiping of released storage as an opt-in service rather than enabling it by default; customers who do not opt in remain exposed to the "dirty disk" problem. According to Context, this practice could be leaving thousands of under-informed clients out in the cold and at significant risk.
The report's authors noted that the flaw is not specific to the cloud: it can arise in any environment where users are given "direct hardware access to the disk" on shared storage without the blocks being wiped between tenants, whether or not that environment is cloud-based.
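The technique Jordon describes (provision a volume, read it raw, automate the hunt for card numbers and credentials) and the check that the opt-in wiping discussed above actually happened both reduce to the same script. The following is an added example written for this page; it is not Context's tooling and not code from Rackspace, VPS.NET or OnApp. It walks a raw block device (or a disk image) block by block: a freshly provisioned volume should read back as all zeros, so any non-zero block is a remnant of a previous tenant. Non-zero blocks are then searched for Luhn-valid 13 to 19 digit numbers and for key=value credential lines. The sample image, the record layout in it, and the test card number 4111111111111111 are all constructed for this example.

```python
"""dirty_disk_check.py: scan a raw volume for leftover tenant data.

Added example, not the tooling from the Context research. Run it against
a freshly attached, never-written volume (read-only) to verify that the
provider zeroed it before hand-over, or without arguments to scan the
constructed sample image below.
"""
import io
import re
import sys
from dataclasses import dataclass, field

BLOCK_SIZE = 4096

# Candidate card numbers: 13-19 digit runs not embedded in a longer run.
CARD_RE = re.compile(rb"(?<!\d)(\d{13,19})(?!\d)")
# Typical credential lines found in config files and shell history.
CRED_RE = re.compile(rb"(?i)(password|passwd|pwd|secret|api_key)\s*[=:]\s*(\S+)")


@dataclass
class ScanResult:
    dirty_blocks: list = field(default_factory=list)   # block indexes that were not zero
    cards: list = field(default_factory=list)          # Luhn-valid digit strings
    credentials: list = field(default_factory=list)    # (key, value) pairs


def luhn_ok(digits: str) -> bool:
    """Luhn checksum used by payment card numbers; filters random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def scan_stream(fh, block_size: int = BLOCK_SIZE) -> ScanResult:
    """Read the stream block by block; report non-zero blocks and what they contain.

    Caveat: a record split across two blocks is not matched; a production
    scanner would carry a small overlap between reads."""
    result = ScanResult()
    zero = bytes(block_size)
    idx = 0
    while True:
        block = fh.read(block_size)
        if not block:
            break
        if block != zero[:len(block)]:
            result.dirty_blocks.append(idx)
            for m in CARD_RE.finditer(block):
                digits = m.group(1).decode()
                if luhn_ok(digits):
                    result.cards.append(digits)
            for m in CRED_RE.finditer(block):
                result.credentials.append((m.group(1).decode().lower(), m.group(2).decode()))
        idx += 1
    return result


def scan_image(image: bytes, block_size: int = BLOCK_SIZE) -> ScanResult:
    """Convenience wrapper for an in-memory image."""
    return scan_stream(io.BytesIO(image), block_size)


def wipe_image(image: bytes) -> bytes:
    """Provider-side fix in miniature: zero every block before reassigning the volume."""
    return bytes(len(image))


def build_sample_image() -> bytes:
    """Constructed 16-block 'virtual disk' with remnants in blocks 3 and 9.

    The database rows, the test card number 4111111111111111 (Luhn-valid) and
    the second, Luhn-invalid number are fabricated for this example."""
    blocks = [bytes(BLOCK_SIZE) for _ in range(16)]
    remnant_db = (b"INSERT INTO payments VALUES (1042,'4111111111111111','2013-02');\n"
                  b"INSERT INTO payments VALUES (1043,'1234567812345678','2013-02');\n")
    remnant_cfg = b"[db]\nuser=app\npassword=hunter2\nhost=10.0.0.5\n"
    blocks[3] = remnant_db.ljust(BLOCK_SIZE, b"\x00")
    blocks[9] = remnant_cfg.ljust(BLOCK_SIZE, b"\x00")
    return b"".join(blocks)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:      # e.g. /dev/vdb, opened read-only
            res = scan_stream(fh)
    else:
        res = scan_image(build_sample_image())
    print(f"dirty blocks: {len(res.dirty_blocks)} {res.dirty_blocks[:10]}")
    print(f"card numbers: {res.cards}")
    print(f"credentials:  {res.credentials}")
```

On the sample image the scan reports blocks 3 and 9 as dirty, keeps only the Luhn-valid card number and picks out the `password=hunter2` line; after `wipe_image` it reports nothing. Against a real device, a clean hand-over means zero dirty blocks. On the provider side the equivalent of `wipe_image` is zeroing or discarding the backing storage before it is reassigned, for example `dd if=/dev/zero of=<device> bs=1M` or `blkdiscard <device>` on storage that supports discard; the point of the research is that this step was optional rather than guaranteed.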
In the end, researchers cautioned against any notions that cloud security is inherently "broken." However, the surprisingly simple nature of the exploited vulnerability should serve as a lesson to cloud providers that it is well past time to shore up fundamentals through diligent testing.
Cloud Security News from SimplySecurity.com by Trend Micro