Hackers Can Plant Backdoors on Bare Metal Cloud Servers: Researchers

From securityweek.com

Malicious actors could plant firmware backdoors on bare metal cloud servers and use them to disrupt applications, steal data, and launch ransomware attacks, firmware security company Eclypsium warned on Tuesday.

Cloudborne attack targets bare metal cloud servers

Bare metal cloud services provide organizations the hardware needed to run their applications, without providing a hypervisor. Unlike in the case of other types of cloud services, where a server can have multiple tenants, bare metal services provide exclusive access to the entire physical server. Once a customer no longer needs the server, the hardware is reassigned to another customer.

Researchers at Eclypsium discovered that hackers could plant firmware backdoors on these servers that can later be leveraged against the device’s next customer. The attack method has been dubbed “Cloudborne.”

Eclypsium believes this problem affects many bare metal services providers, but it has conducted tests on IBM’s SoftLayer cloud services “because of its simplified logistics and access to hardware.”