Cloud tenant threats

Threats to tenants may come from a cloud provider (insider threats) or another tenant (co-tenant threats).

Insider threats (from a cloud provider):

  • Misconfiguration of OpenStack services may lead to EoP.
  • A failure in maintenance. For example, not wiping disks on nodes between re-allocations may lead to Information Disclosure.
  • Improper configuration of security services, or turning them off under high load. For example, disabling IDPS rules or excluding protocols from IDPS scanning may lead to a missed attack (EoP).
  • Connecting VMs to the management network may lead to Information Disclosure and, as a result, EoP.

Insider threats can be mitigated in the following ways:

  • Contractually: negotiate agreements covering privacy, security, and reliability, even though this may increase costs (Information Disclosure).
  • Cryptographically: encrypt data at rest in cloud storage and in transit over the network channel (Information Disclosure).
  • Isolate the management network from tenants’ networks (Information Disclosure, EoP).

Co-tenant threats:

  • Another tenant might try to escape a VM and take over the host (EoP).
  • Gaining access to shared resources such as storage, network, and so on (EoP, Information Disclosure, Availability, Tampering).
  • Another tenant might be taken over and used to run a DoS attack (EoP, Spoofing, DoS).
  • Brute-force and dictionary attacks (EoP).
  • Shared cloud provider infrastructure, such as:
    • A shared mail service may lead to spear-phishing attacks from one tenant to another (Spoofing).
    • A shared DNS service may lead to a DNS poisoning attack (Spoofing, Tampering).
    • A shared web service, such as a cloud admin web interface, may be exposed to XSS, CSRF, SQL injection, and similar attacks (EoP).

To mitigate co-tenant threats:

  • Provide cloud separation. Use host aggregates and availability zones to separate VMs with different security levels (EoP, Tampering, Information Disclosure, Availability).
  • Use nodes from a Trusted Computing Pool based on Intel TXT, a technology designed to harden platforms against hypervisor attacks, BIOS and firmware attacks, malicious rootkit installations, and other software-based attacks (EoP).
  • Brute-force protection. Lock out an attacker’s logins after repeated failures (EoP).
  • Change default passwords (EoP).
  • Use a network IDPS to monitor and detect anomalies in the management and tenant networks (Information Disclosure, EoP).
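The first two co-tenant mitigations (separating VMs by security level with host aggregates, and placing sensitive VMs only on attested Trusted Computing Pool nodes) both come down to a scheduler filter that compares a flavor's extra specs with per-host metadata. The following is an added illustration written for this page, not OpenStack Nova code: it models the behaviour of Nova's AggregateInstanceExtraSpecsFilter (the `aggregate_instance_extra_specs:<key>` scoped extra spec) and of the legacy TrustedFilter (the `trust:trusted_host` extra spec), with a constructed host inventory, constructed aggregate metadata, and a `trusted_lookup` callback standing in for an attestation service.

```python
"""Toy placement filter modelled on Nova host-aggregate and trusted-host filtering.

Everything below (hosts, aggregates, trust results) is constructed for this
example; it is not OpenStack code and does not talk to a real attestation service.
"""
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Set


@dataclass
class Host:
    name: str
    aggregates: Set[str]   # names of the host aggregates this node belongs to
    trusted: bool          # constructed stand-in for an Intel TXT attestation verdict


# Constructed aggregate metadata, the equivalent of
# `openstack aggregate set --property security_level=high high-sec`.
AGGREGATES: Dict[str, Dict[str, str]] = {
    "high-sec": {"security_level": "high", "availability_zone": "az-secure"},
    "general": {"security_level": "low", "availability_zone": "az-general"},
}

# Constructed inventory: one high-security node fails attestation.
HOSTS: List[Host] = [
    Host("node-1", {"high-sec"}, trusted=True),
    Host("node-2", {"high-sec"}, trusted=False),
    Host("node-3", {"general"}, trusted=True),
]


def host_metadata(host: Host) -> Dict[str, str]:
    """Merge the metadata of every aggregate the host is a member of."""
    merged: Dict[str, str] = {}
    for agg in host.aggregates:
        merged.update(AGGREGATES.get(agg, {}))
    return merged


def filter_hosts(hosts: Iterable[Host], extra_specs: Dict[str, str],
                 trusted_lookup: Callable[[str], bool]) -> List[str]:
    """Return the names of hosts that satisfy the flavor's extra specs.

    - 'aggregate_instance_extra_specs:<key>' must equal the host's aggregate
      metadata value for <key> (a host outside any matching aggregate is dropped).
    - 'trust:trusted_host' == 'trusted' additionally requires a positive
      attestation from trusted_lookup(host_name).
    Unknown scopes are ignored, as a scoped filter would ignore other filters' keys.
    """
    selected: List[str] = []
    for host in hosts:
        meta = host_metadata(host)
        acceptable = True
        for key, wanted in extra_specs.items():
            if key.startswith("aggregate_instance_extra_specs:"):
                meta_key = key.split(":", 1)[1]
                if meta.get(meta_key) != wanted:
                    acceptable = False
                    break
            elif key == "trust:trusted_host":
                if wanted == "trusted" and not trusted_lookup(host.name):
                    acceptable = False
                    break
        if acceptable:
            selected.append(host.name)
    return selected


def attestation_stub(host_name: str) -> bool:
    """Constructed attestation lookup: reads the verdict recorded on the Host object."""
    return next(h.trusted for h in HOSTS if h.name == host_name)


if __name__ == "__main__":
    sensitive_flavor = {
        "aggregate_instance_extra_specs:security_level": "high",
        "trust:trusted_host": "trusted",
    }
    print(filter_hosts(HOSTS, sensitive_flavor, attestation_stub))  # ['node-1']
```

The point of the `trust:trusted_host` branch is that aggregate membership alone is an administrative label; combining it with an attestation verdict means a high-security aggregate node that fails measurement (node-2 above) is silently excluded rather than trusted by configuration.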
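The brute-force mitigation above (lock out logins after repeated failures) is usually implemented as a sliding-window counter over the authentication log. The block below is an added example for this page, not code from any OpenStack project: it parses constructed authentication log lines in a made-up format, keys failures by (user, source address), locks that pair after `threshold` failures within `window`, and refuses further attempts for `lock_duration` without evaluating the credentials at all.

```python
"""Sliding-window login lockout over constructed authentication log lines.

The log format, sample entries and thresholds are all constructed for this
example; adapt parse() to the real service's log format.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Deque, Dict, List, Optional, Tuple

LOG_RE = re.compile(
    r"^(?P<ts>\S+) auth (?P<result>OK|FAIL) user=(?P<user>\S+) src=(?P<src>\S+)$"
)

# Constructed sample: one source hammers alice, bob mistypes twice then succeeds,
# and one malformed line is present to show that parse() skips it.
SAMPLE_LOG = """\
2024-05-01T10:00:00Z auth FAIL user=alice src=203.0.113.5
2024-05-01T10:00:20Z auth FAIL user=alice src=203.0.113.5
2024-05-01T10:00:40Z auth FAIL user=alice src=203.0.113.5
2024-05-01T10:01:00Z auth FAIL user=alice src=203.0.113.5
2024-05-01T10:01:20Z auth FAIL user=alice src=203.0.113.5
2024-05-01T10:02:00Z auth FAIL user=alice src=203.0.113.5
2024-05-01T10:02:10Z auth OK user=alice src=203.0.113.5
this line is not an auth record
2024-05-01T10:03:00Z auth FAIL user=bob src=198.51.100.7
2024-05-01T10:03:10Z auth FAIL user=bob src=198.51.100.7
2024-05-01T10:03:20Z auth OK user=bob src=198.51.100.7
2024-05-01T10:20:00Z auth OK user=alice src=203.0.113.5
""".splitlines()


def parse(line: str) -> Optional[dict]:
    """Return a dict with a timezone-aware timestamp, or None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    # fromisoformat() only accepts a trailing 'Z' from Python 3.11 on; normalise it.
    rec["ts"] = datetime.fromisoformat(rec["ts"].replace("Z", "+00:00"))
    return rec


def detect_lockouts(lines: List[str], threshold: int = 5,
                    window: timedelta = timedelta(minutes=5),
                    lock_duration: timedelta = timedelta(minutes=15)
                    ) -> Tuple[List[Tuple[str, str, datetime]], int]:
    """Replay the log in order.

    Returns (lockout_events, rejected) where lockout_events lists
    (user, src, locked_at) and rejected counts attempts refused while locked.
    """
    failures: Dict[Tuple[str, str], Deque[datetime]] = defaultdict(deque)
    locked_until: Dict[Tuple[str, str], datetime] = {}
    events: List[Tuple[str, str, datetime]] = []
    rejected = 0

    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        key = (rec["user"], rec["src"])
        ts = rec["ts"]

        # While locked, refuse the attempt outright, even if the password would be right.
        if key in locked_until and ts < locked_until[key]:
            rejected += 1
            continue

        if rec["result"] == "OK":
            failures[key].clear()      # a genuine login resets the counter
            continue

        recent = failures[key]
        recent.append(ts)
        while recent and ts - recent[0] > window:
            recent.popleft()           # drop failures that fell out of the window
        if len(recent) >= threshold:
            locked_until[key] = ts + lock_duration
            events.append((rec["user"], rec["src"], ts))
            recent.clear()
    return events, rejected


if __name__ == "__main__":
    locks, refused = detect_lockouts(SAMPLE_LOG)
    for user, src, when in locks:
        print(f"locked {user} from {src} at {when.isoformat()}")
    print(f"attempts refused while locked: {refused}")
```

Keying on (user, source) is a deliberate trade-off: keying on the user alone lets a co-tenant lock a victim out of their own account by sending junk credentials (the DoS case listed above), while keying on the source alone misses a dictionary attack spread across many addresses. A production deployment would persist `locked_until` in shared state so that every API node enforces the same lock.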