
No security attacks against VMs have so far been reported, but security experts believe it is only a matter of time before hackers start to look at ways to exploit vulnerabilities within virtual infrastructures.
David Lynch is vice president of marketing at virtual machine lifecycle management specialist, Embotics. He acknowledges that he has not seen any programs deliberately attacking hypervisors – the software that grants multiple VMs access to the hardware resources of a single physical system – yet, but says it is only a matter of time.
“There will probably be some form of attack on the hypervisor within the next 12 months – it is too rich an opportunity [for hackers] to pass up,” he says. “If you go to events like the Black Hat technical security conference, virtualisation is the number one topic. Everyone is working on it, so watch this space.”
Warwickshire County Council recently began a programme to extend its virtual environment to 175 primary and secondary schools throughout the county. It opted to use the Hyper-V features integrated in Microsoft's Windows Server 2008 operating system to support server, desktop PC and application virtualisation.
“We haven't noticed any security threat happening on the Hyper-V side, and I am not aware of any compromise of anything made on any virtual system to date, but it is a theoretical possibility,” says Chris Page, Warwickshire County Council's technical development manager.
Virtual servers are more usually credited with improving security in the IT infrastructure, because they isolate individual operating systems and applications into separate, virtualised containers that do not interact with each other and therefore minimise the opportunity for malware to spread.
"We virtualised a server recently where we had to balance the supportability of three very complex installs sitting on one server against separating them out. Virtualisation technology works by isolating things from one another, web hosting from database applications for example, and the VMs hosting them can either be firewalled or not firewalled depending on their mission criticality," says Page.
But Embotics' Lynch insists that this separation can pose a different type of problem, because management and security tools tend to identify servers according to their physicality, whereas virtual servers all look exactly the same.