Digital Defense Offers Remedy For Security Flaws That Enable Hackers To "Hijack The Cloud"Digital Defense Offers Remedy For Security Flaws That Enable Hackers To "Hijack The Cloud"
IPMI-based attack vectors can be extremely damaging due to the unique method in which hackers can gain access
July 10, 2013
SAN ANTONIO, July 9, 2013 /PRNewswire/ -- Organizations are waking up to the reality that a dangerous implementation issue could lead to devastating operational disruption by providing hackers the ability to bypass typical security controls and take over cloud based systems. The weakness is due to a set of implementation issues in the Intelligent Platform Management Interface (IPMI), which now comes standard on almost all rack-mount hardware. Digital Defense, Inc. (DDI), a leading national information security risk assessment firm, has conducted extensive analysis on these vulnerabilities and is offering solutions to effectively mitigate this threat.
IPMI based attack vectors can be extremely damaging due to the unique method in which hackers can gain access:
-- IPMI-based security weaknesses exist within network-accessible embedded
components of rack-mount hardware. As such, normal operating
system-based security controls offer no protection.
-- Attackers can hijack powered-on servers even when they are shut down,
and then leverage this access to take over the primary operating system.
This is true whether the organization is running Microsoft Windows (32
or 64-bit) or Linux operating systems on the targeted servers.
-- This issue appears to be widespread. Rack-mount servers with these flaws
have been in distribution for years, and exist within a variety of
models manufactured by numerous vendors.
DDI's Vulnerability Research Team (VRT) has been performing extensive analysis on the flaws to validate the conditions, and presented its analysis and findings during the BSides Texas - San Antonio conference in May 2013.
Following the company's responsible disclosure policy, DDI has been warning customers and technology partners of the dangers of this concern for several months, while at the same time conducting responsible due diligence and developing remediation solutions for the issue.
Gordon MacKay, EVP/Chief Technology Officer at DDI states, "When our security research team examined these embedded interfaces, the magnitude of the implementation flaws became clear. We knew we had to act quickly to ensure our clients were not impacted by the threat. We released our findings to the information security community at BSides, while fast-tracking our research to find a remedy. We are pleased that we are able to both raise awareness about this potentially harmful threat, and offer solutions as well."
More detailed information on the IPMI vulnerabilities and remediation can be accessed on the DDI Labs Blog. In addition, organizations wishing to obtain a rapid scan of their full network to determine if these vulnerabilities are present can contact DDI at 888-273-1412 or [email protected]
About Digital Defense
Founded in 1999, Digital Defense, Inc. (DDI) is the premier provider of managed security risk assessment solutions protecting billions in assets for small businesses to Fortune companies in over 65 countries. DDI's dedicated team of experts helps organizations establish a culture of security through regular information security assessments, awareness education and decisive security intelligence. This proven method bolsters the capability of organizations to reduce risk and keep information, intellectual property and reputations secure.
The combination of DDI's certified security analysts, patent-pending scanning technology and proprietary cloud-based vulnerability management system, the
Frontline(TM) Solutions Platform, delivers one of the most powerful assessment results and remediation management solutions available. Contact DDI at
877-273-4202 or www.ddifrontline.com.
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023