Category: Managed Security Services
Published: June 2010
There has been much discussion of potential new attack vectors in virtual systems, such as Blue Pill, Red Pill and hypervisor (or virtual machine) rootkits. Any software can have vulnerabilities and the virtualization layer is no exception to this rule. Although such attacks are viable, the more common attack vector remains identical to that of physical systems. Malicious code, exploits and hackers are still the major risk – targeting the application layer and the user (through social engineering) rather than shifting to expensive and difficult new attack vectors.
Over time, an increase in attacks on the virtualization layer is likely. However, it is likely that attacks on the OS or application layer will remain the majority. Unfortunately, while many enterprises chase protection against the new class of potential threats in development, they ignore the basics, which leads to high risk of compromise. Equally, compliance standards are applicable to virtual systems, but enterprises typically overlook them.
New protection models to secure virtual systems are emerging, such as the idea of scanning multiple virtual machines from a single point using hypervisor inspection. Moving protection capabilities outside the virtual machine could make attack from malware significantly more difficult, providing more comprehensive and robust protection. Many of these new models hold great promise for delivery of better security but are still immature. There is a great deal of work to be done before these models can provide an effective, stable replacement to existing protection.
Until these areas mature and the nature of the threat evolves, enterprises need to ensure they extend their existing protection in to the virtual world. Security is not a new practice and
virtualization does not invalidate the many years of knowledge security practitioners have acquired. In short, the fundamental existing framework for IT security has not drastically changed, but there are opportunities for optimization and considerations for a virtual environment.
Rating: + 6
Wireless Technologies | September 2012 | White Paper
Unified Threat Management | August 2012 | White Paper
Managed Security Services | August 2012 | Article
Data Security | July 2012 | White Paper
Web Application Security | June 2012 | White Paper
© Incisive Media Investments Limited 2013, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093.