ProSPU in Data Centers
By Aviram Shemesh
Cloud-based enterprise data is under siege. According to the 2021 Thales Global Cloud Security Study conducted by 451 Research, 40% of responding organizations stated they had experienced a cloud-based data breach in the past year. Storing so much data in the cloud has improved efficiency and scalability for enterprises and there’s no indication this will change. To keep all this data safe on their end, enterprises must enact zero trust security postures to eliminate the possibility of attack from insider or supply chain sources. Many still don’t seem to have done so. The actual cloud service providers hosting all this enterprise data need to be even more vigilant.
While enterprises themselves can often back up their data to cut off potential ransomware leverage, some hackers instead target groups who store sensitive client data that can’t be backed up elsewhere like cloud service provider (CSP) Swiss Cloud, which was hit by a ransomware attack that disrupted service for more than 6,500 customers. These sorts of attacks have the potential for exceedingly high ransoms, as CSPs feel immense pressure from clients when their services or stored data are unavailable.
This issue is far from new, as data centers have been vulnerable to hacks for over a decade. Much of this vulnerability has to do with visibility with regard to both what a hacker can see and what a target can see.
If hackers can gain visibility into the security defenses of their target, they can map those defenses. Continued poking and probing will eventually allow these hackers to discover discrete vulnerabilities that they can exploit to enter a device or network. Thinking about this sort of forced entry in a more traditional physical sense makes it easier to conceptualize: if you can walk around a house for hours, identifying where all the doors, windows, cameras, and sensors are, you can make a pretty effective strategy to get inside without detection. Once inside the house (or device or network, in a CSP’s case), intruders can deactivate detection and security protocols. In this way, visibility leads to access, which then leads to control. Seizing control, or at least gaining leverage, becomes particularly easy when credentials, encryption keys, and sensitive data are also stored in an accessible place. This makes clear that defenses, along with the assets these defenses are intended to protect, must not be stored somewhere visible and accessible, like the software or firmware levels.
In order to know that their devices, networks, and assets have not been compromised, cloud service providers must have visibility into the integrity of these entities. In fact, a study by Ermetic recently showed that 64% of CISOs cited a lack of adequate visibility into access settings and activities a primary cause of data breaches. Establishing this visibility into device or network integrity is accomplished through regular attestation with a root of trust (RoT) at the very first boot, every subsequent boot, and during every runtime. This RoT validates whether the user or program accessing and altering a given firmware item is legitimate. If it is not, the access or alteration is prevented. For this process to be fully trustworthy, the RoT itself must be inaccessible and unalterable, which means it cannot be on the software or firmware levels.
So, to prevent hackers from having visibility and access and to ensure system or component integrity for CSPs, defenses, data assets, and the RoT must be stored remotely on an isolated security chip. Unlike processor-based systems that are susceptible to trial-and-error attacks where hackers try various techniques in order to glean information about a system’s defenses, isolated security chips provide very little visibility to would-be intruders and ensure the RoT cannot be manipulated. This is where the Kameleon ProSPU comes in, as it serves as a hardware location for an immutable RoT and can also host security platforms and other assets. Hackers are unable to see into the ProSPU at all, meaning everything inside is kept safely removed from their prying eyes (and actions). This isolated security chip is only a black box from the hackers’ perspectives, however, as visibility for authorized owners is a key feature of the ProSPU.
Visibility is a key feature of the ProSPU as after any attack attempt the data center IT admin can run forensics to verify that the server is still working properly and perform platform attestation on demand, viewing the success of the attack block in the script output. Kameleon’s ProSPU enables device attestation by providing a hardware trust anchor that can verify compliance that a processor peripheral has passed security protocols and attest the validity of the device, safeguarding the application stack at every layer.
The takeaway here is that for data centers and cloud service providers to keep their clients’ data safe and thus keep themselves in business, they need to eliminate visibility for attackers and improve it for themselves.