Trusting bare-metal/on-premises cloud firmware

I’ve been learning a bit about ‘the Cloud’. In addition to the normal virtualized offerings, there is also ‘bare-metal cloud’, where the customer gets full access to the hardware. ‘On-premises cloud’ is similar: the vendor puts the hardware on your site. If you are the first client to use that hardware, you’re probably in good shape, at least as far as previous tenants are concerned. However, the second and subsequent customers need to trust that the cloud vendor is verifying that previous customers didn’t infect the firmware with bootkits before the hardware is handed over again.

If I were an attacker, I would in the past have sold grey-market (used) hardware with infected firmware on eBay/Craigslist to future targets. Now I’d change tactics: rent as much bare-metal/on-premises cloud hardware as I could, infect its firmware with bootkits, return it to the cloud vendor, and wait for future users of that hardware to phone home. That seems like a better investment for an attacker: multiple targets per infected device, and the vendor does the delivery.

Before your company relies on a bare-metal/on-prem solution, ask the cloud vendor to clarify the steps they perform between tenants to ensure the firmware is not infected with bootkits: for example, whether they re-flash the firmware from a known-good image and verify measured-boot values (TPM PCRs) against a golden baseline before handing the host to the next customer.
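To make the vendor’s answer concrete, here is a toy model of the kind of check a tenant should expect to hear about: measured boot, where every firmware component is hashed and extended into a TPM PCR, so a host coming back from a tenant can be re-measured and compared against the value recorded at provisioning. This is an added example, not code from the post or any cloud vendor’s actual procedure. The component names and firmware bytes are constructed stand-ins; only the extend rule (PCR_new = SHA-256(PCR_old || digest)) is how TPM 2.0 actually behaves.

```python
"""Toy measured-boot model: how a TPM PCR exposes firmware modified by a
previous tenant. Added example; not the original post's code and not any
vendor's real re-provisioning check. Firmware contents are constructed."""
import hashlib
from typing import Dict, List, Tuple

PCR_INIT = bytes(32)  # firmware-measurement PCRs start at all-zero after reset


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM2_PCR_Extend semantics: PCR_new = H(PCR_old || digest).
    A PCR can only be extended, never written directly, so an implant
    cannot simply restore the expected value after it has run."""
    return sha256(pcr + digest)


def measure_boot(components: List[Tuple[str, bytes]]) -> Tuple[bytes, List[Tuple[str, bytes]]]:
    """Hash each firmware component in boot order, extend it into the PCR,
    and keep an event-log entry (name, digest) the way real firmware does."""
    pcr = PCR_INIT
    log: List[Tuple[str, bytes]] = []
    for name, blob in components:
        digest = sha256(blob)
        log.append((name, digest))
        pcr = pcr_extend(pcr, digest)
    return pcr, log


def find_changed_components(golden_log, observed_log) -> List[str]:
    """Name the components whose digest differs from the golden event log
    (or that appeared/disappeared), so a PCR mismatch is actionable."""
    golden = dict(golden_log)
    observed = dict(observed_log)
    changed = [n for n in observed if golden.get(n) != observed[n]]
    changed += [n for n in golden if n not in observed]
    return changed


# Constructed stand-ins for the firmware volumes a real platform measures.
GOLDEN_FIRMWARE = [
    ("boot_block", b"vendor boot block v1.2"),
    ("pei_volume", b"pre-EFI init volume v1.2"),
    ("dxe_volume", b"driver execution environment v1.2"),
]

# Same platform after a tenant flashed a modified DXE volume (constructed).
IMPLANTED_FIRMWARE = [
    ("boot_block", b"vendor boot block v1.2"),
    ("pei_volume", b"pre-EFI init volume v1.2"),
    ("dxe_volume", b"driver execution environment v1.2" + b"\x90" * 16 + b"<implant DXE driver>"),
]


def check_reclaimed_host(golden_pcr: bytes, golden_log, firmware) -> Dict:
    """What a vendor would run on a host returned by a tenant: re-measure
    the firmware and compare the PCR against the value recorded at
    provisioning; on mismatch, say which component moved."""
    pcr, log = measure_boot(firmware)
    ok = pcr == golden_pcr
    return {"ok": ok, "changed": [] if ok else find_changed_components(golden_log, log)}


def main() -> None:
    golden_pcr, golden_log = measure_boot(GOLDEN_FIRMWARE)
    print("golden PCR:", golden_pcr.hex())
    for label, fw in (("clean host", GOLDEN_FIRMWARE), ("implanted host", IMPLANTED_FIRMWARE)):
        print(label, check_reclaimed_host(golden_pcr, golden_log, fw))


if __name__ == "__main__":
    main()
```

Two caveats a practitioner should raise with the vendor. First, the golden value must come from a TPM quote signed by the TPM’s attestation key and be checked off-host; a host that reports its own PCRs can lie about them. Second, a PCR only reflects code that was measured by something that ran before it, so an implant in the very first firmware to execute is caught only by a hardware root of trust (Intel Boot Guard or AMD Platform Secure Boot style verification), not by this comparison alone.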
