Virtualization Risks in the Cloud

---

• often requires use of controls that can only be implemented by the cloud provider
• cloud customer must rely on contractual provisions to implementation and enforcement

Risks

• Attacks on the hypervisor
  • threat actor may attack the underlying hypervisor
  • attackers prefer type 2 hypervisors because of larger attack surface
    • hypervisor itself, underlying OS, hardware
• VM escape
  • aka guest escape
  • improperly designed or poorly configured VM may allow user to leave confines of the virtualized instance
  • can then access other resources
  • host escape is where a user can escape the VM and the host machine itself
• Information bleed
  • stems from malfunctions of security failures
  • processing or information on one instance may be detected by other instances on the same host
  • may be possible to detect that a certain processing is occurring on an instance
    • can be used as information to develop attacks
    • referred to as side channel attack or cover channel attack
• Data seizure
  • legal activity may result in confiscation or inspection of a host machine
    • can include virtualized instances
  • cloud data centers can be seen as demilitarized zones (DMZs)
    • everything in the cloud can be accessed remotely
    • exposed to the Internet