With virus and phishing attacks now passé, computer hackers are eyeing off a new technical challenge: hyperjacking.
Still in its infancy, hyperjacking revolves around the corporate world's newfound enthusiasm for application virtualisation.
Virtualisation allows multiple instances of an operating system to be run on a single box, greatly improving hardware utilisation levels.
Because the hypervisor actually runs underneath the operating system, it is a particularly juicy target for nefarious types hell-bent on gaining control of computer servers. Get control of the hypervisor and you control everything running on the machine.
Hyperjacking involves installing a rogue hypervisor that can take complete control of a server. Regular security measures are ineffective because the OS will not even be aware that the machine has been compromised.
Stephen Toulouse, group product manager within Microsoft's trustworthy computing group, says his company is taking the threat very seriously, but stresses that no hyperjacking attempts have yet been seen in the wild.
"We spend a lot of time talking to smart security researchers around the world, and we have seen more looking at the potential for hyperjacking," he told APC. "However we don't consider that it is a threat today."
Toulouse says that, for a hyperjacking attempt to succeed, an attacker would need to either have physical access to a server, or somehow convince a user to install some malicious code.
"You also need a processor capable of doing hardware assisted virtualisation, and these are still very rare," he says.
But despite the low level of threat currently posed, Toulouse says Microsoft is working closely with AMD and Intel to find ways to minimise the risk by detecting unauthorised hypervisors at the hardware level.
With Microsoft itself promising to add virtualisation capabilities to its Windows Server platform early next year, the number of potential targets for hyperjacking attacks will increase rapidly. Forewarned is forearmed.