At MyBroadband’s 2016 Cloud and Hosting Conference, a hacker spoofed the free Wi-Fi connection and redirected users to a fake version of MyBroadband’s homepage.
On the fake page, the headline “Gupta owned ANN7 to purchase MyBroadband” appeared.
The hacker was SensePost CTO Dominic White, who put the demo together to show what a rogue access point attack looks like and to make the point that vulnerabilities exist due to legacy issues in the Wi-Fi standard.
These issues stem from backwards compatibility with older devices and interoperability between devices from various manufacturers.
A similar problem exists in Ethernet networks, where you can perform man-in-the-middle attacks by spoofing responses to address resolution protocol (ARP) requests.
White said he didn’t want to demonstrate this attack live, as it would probably be illegal.
However, in trying to set up a training environment for an ARP spoofing attack on Amazon Web Services (AWS), White discovered that Amazon had eradicated this problem on its cloud platform – despite other networking equipment vendors being unable to.
He said an opportunity exists for cloud platform providers to look for parts of their stack which operate within their control and don’t have to interoperate outside the stack.
They can then eliminate vulnerabilities which exist due to legacy issues in the standards their stacks are built on.
“Amazon did it at layer-2 networking within AWS, and Facebook did it with their custom version of PHP,” said White.
This opportunity is open to all cloud providers and companies moving to cloud services. White said there are three main opportunities to improve security in the cloud:
  • Re-engineer the network stack: as above.
  • Immutable, disposable servers: store server configurations and data in such a way that you could start with a clean server every day. Persistence is gross.
  • Centralise and scale security efforts: it is easier to hire great security engineers (and listen to them) to look after centralised critical infrastructure than secure every end point on a wide network. Limit security decisions by users. Enable your security team to do smart things.