According to recent research by Context Information Security, there are potentially major flaws in the way some providers implement Cloud infrastructure services, which could be putting their clients' data at risk. Context consultants exploited this vulnerability to access some information left on the dirty disks of other users. They also gained access to parts of customer databases, as well as elements of system information that could be combined with other data to help an attacker take control of other hosted services.
Context put four providers to the test and found that Rackspace and VPS.NET did not consistently keep nodes or virtual servers securely separated across shared hard disk and network resources. The two providers were informed of the results. Rackspace then worked in conjunction with Context to pinpoint and address the latent vulnerability, which affected some users of its Linux Cloud Servers platform. According to Rackspace, it does not know of any instance in which customers' data was exploited by an unauthorized party in any way.
Context went on to test Rackspace's current cloud platform together with its new Next Generation Cloud computing solution, which uses OpenStack. The results were promising: the security vulnerability had been taken care of. However, other providers might be at risk if they use the same well-known hypervisor software in the way Rackspace did before rectifying the main issues.
VPS.NET informed Context that it had dealt with the security threat but did not give details. VPS.NET depends on OnApp technology, which is used by more than 250 additional cloud providers. According to OnApp, they allow customers to opt in to removing their data in a secure manner, which leaves other virtual machines at possible risk. Moreover, they had not taken the necessary steps to clean up the remaining data left by customers and providers, since many customers are not affected. A lesson learnt from the whole research is that data will leak between servers if virtual machines are not properly isolated or a blunder happens in the process of provisioning or de-provisioning.
This vulnerability arises from the way some providers automatically provision new virtual servers, assign new storage space or initialize operating systems. Security steps taken to offer separation between the different nodes can sometimes be skipped because of errors or for performance reasons. This makes it possible to gain access to data that is on the provider's physical storage. After this alert by Context, Rackspace has embarked on a number of remedies to make sure that data deleted from their disks is zeroed, which prevents new servers from seeing other users' data. They have also cleaned up all the current virtual disks.
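The zero-on-delete remedy described above can be paired with a read-back check, so that a volume is only returned to the pool once it has been verified clean. The sketch below is an added example, not code from Context, Rackspace or OnApp; the function names are hypothetical, the volume is assumed to be reachable as a file path or block device, and the sample disk image is constructed.

```python
import os
import tempfile

CHUNK = 1024 * 1024  # scan and wipe 1 MiB at a time

def nonzero_extents(path, chunk=CHUNK):
    """Return [(offset, length)] of chunk-sized regions that hold non-zero bytes."""
    extents, offset = [], 0
    with open(path, "rb") as dev:
        while buf := dev.read(chunk):
            if buf.count(0) != len(buf):  # leftover data in this chunk
                if extents and sum(extents[-1]) == offset:  # extend adjacent extent
                    extents[-1] = (extents[-1][0], extents[-1][1] + len(buf))
                else:
                    extents.append((offset, len(buf)))
            offset += len(buf)
    return extents

def zero_volume(path, chunk=CHUNK):
    """Overwrite the whole volume with zeros and flush to stable storage."""
    with open(path, "r+b") as dev:
        remaining = size = dev.seek(0, os.SEEK_END)
        dev.seek(0)
        while remaining > 0:
            remaining -= dev.write(bytes(min(chunk, remaining)))
        dev.flush()
        os.fsync(dev.fileno())
    return size

def deprovision(path):
    """Wipe a deleted volume; release it only if a re-read finds no data."""
    zero_volume(path)
    leftover = nonzero_extents(path)
    if leftover:
        raise RuntimeError(f"volume still holds data at {leftover}")
    return True

def make_sample_volume(size=4 * CHUNK):
    """Constructed stand-in for a deleted tenant disk with leftover database rows."""
    fd, path = tempfile.mkstemp(suffix=".img")
    with os.fdopen(fd, "wb") as f:
        f.truncate(size)
        f.seek(CHUNK + 100)
        f.write(b"INSERT INTO customers VALUES (1, 'constructed-sample');")
    return path

if __name__ == "__main__":
    vol = make_sample_volume()
    print("before wipe:", nonzero_extents(vol))
    print("released:", deprovision(vol), "after wipe:", nonzero_extents(vol))
    os.remove(vol)
```

Running `nonzero_extents` on a volume at provisioning time, before it is attached to a new server, catches the case where the wipe at deletion was skipped for errors or performance reasons.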