Major cloud provider vulnerable to co-lo attack

A major, household-name IT outsourcer had a misconfiguration that could have allowed attackers to access the systems of its co-location clients.

The vulnerability was in the provider's service management tools and was discovered during recent penetration tests.

BAE Systems Detica strategy group director David Owen could not reveal the name of the affected organisation but said the vulnerability was common to several mainstream outsource providers.

"We found that customers could bust into other clients," he said. "The problem for customers is when they move from pure dedicated hosting to [colocation] and there is poor separation between clients."

The discovery was just one of many similar vulnerabilities found in cloud environments. Flaws can also be introduced by the customers' own insecure practices, as a team at the Center for Advanced Security Research Darmstadt found when it accessed critical data, including passwords and cryptographic keys, on Amazon Web Services.

Owen said providers faced a further challenge in mitigating security risks from their own suppliers, including identifying which suppliers provided equipment through which attackers could reach data held in the cloud.

Vendors must consider what is acceptable to customers when planning their risk assessments. At present, most vendor assessments were simplistic black-box tests that ignored the client's risk tolerance and the impact a breach might have on the client, Owen said.

"The model now is a black box. It's a question of controls design and execution of controls. Ownership of risk is with the client, not the provider."

"When you think of past data breaches, you remember the name of the customers, not the provider."

Last year Detica itself faced 339 "very sophisticated attacks" directed against its networks, along with some 92,000 less serious attempts, managing director Martin Sutherland told BBC radio.

He said attackers sought data on valuable projects the defence contractor was engaged with.


Copyright © SC Magazine, Australia