News

'Azurescape' Attack on Azure Container Instances Highlights Risks of Using Multitenant Services

• By Kurt Mackie
• 09/10/2021

The Microsoft Security Response Center (MSRC) issued a "coordinated disclosure" notice on Wednesday for users of the Azure Container Instances (ACI) service, promising that "no unauthorized access to customer data" had occurred.

ACI is Microsoft's "container-as-a-service" offering. Organizations needing to extend their Kubernetes operations can simply use ACI on the fly, and they'll get the benefit of not having to maintain the underlying infrastructure, which gets handled by Microsoft.

Various software vulnerabilities associated with the ACI service were leveraged by Palo Alto Networks security researchers, who found a means to escape a container on the ACI service and gain access to other accounts hosted on Microsoft's multitenant service. This "cross-account container takeover" of the ACI service is recounted by Palo Alto Network's Unit 42 team in this post.

Azurescape
The Unit 42 team dubbed its attack chain "Azurescape," and described it as the first cross-account container takeover in the public cloud." The team summarized its attack methods as follows:

We identified a cross-tenant attack through which a malicious Azure customer could escape their container, acquire a privileged Kubernetes service account token and take over the Kubernetes api-server, thus establishing complete control over the multitenant cluster and all customer containers running within it.

By gaining cluster administrator privileges, an attacker "could execute commands in other customer containers, exfiltrate secrets and private images deployed to the platform, or deploy cryptominers," the Unit 42 team explained.

The MSRC announcement indicated that Microsoft had fixed the security issues involved. It sent notifications about the problem only to the ACI customers affected by the Palo Alto Networks security researchers. Other ACI customers were deemed not to have been affected.

Affected ACI customers who got a notice through the Azure Portal's "Service Health Notifications" segment should revoke "any privileged credentials that were deployed to the platform before August 31st, 2021" as a precautionary measure, the MSRC advised.  

The Palo Alto Networks researchers thanked Microsoft in a separate blog post for letting them do penetration testing across Azure, which was described as "a great example for other vendors." They also got bounty awards from Microsoft for their Azurescape findings.

Nightmare Scenario
Azurescape, while apparently not maliciously exploited, isn't a very reassuring milestone for users of public cloud services.

The notion with using multitenant cloud services is that service providers take care of the patching. Other tenant workloads are housed on the same cluster, but organizations likely assume proper safeguards are in place to keep accounts separated. The Unit 42 team, though, were able to tell that Microsoft was using older software, and they looked for unpatched vulnerabilities to exploit in their attack chain.

Microsoft's ACI service was running older versions of Kubernetes that had been released "between November 2017 and October 2018" that were subject to "multiple known vulnerabilities," the Unit 42 team explained, and so they looked for specific vulnerabilities they could leverage.

IT pros typically feel the pressure to keep on-premises software up to date and patched. Cloud services are supposed to be the example where those best practices take place, but Azurescape proved to be an exception.

Attacks leveraging flaws in software used by public cloud service providers is just an inevitable attack route, the Unit 42 team argued:

Cross-account vulnerabilities are often described as a "nightmare" scenario for the public cloud. Azurescape is evidence that they're more real than we'd like to think. Cloud providers invest heavily in securing their platforms, but it's inevitable that unknown zero-day vulnerabilities would exist and put customers at risk. Cloud users should take a defense-in-depth approach to cloud security to ensure breaches are contained and detected, whether the threat is from the outside or from the platform itself.

Specific steps to ward off similar attacks on Kubernetes environments were listed in the Unit 42 post.

The MSRC notice, for its part, just recommended that organizations have control over security privileges, saying that "as part of standard security practices, you should revoke privileged credentials on a frequent basis."

Unit 42 researchers plan to talk about Azurescape in a Sept. 16 online session (sign-up here).

Azure Cosmos DB Problems
Azure security and multitenant concerns also recently made the news in the case of Microsoft's Azure Cosmos DB service.

Security researchers at Wiz found a vulnerability in Jupyter Notebooks when used with the Azure Cosmos DB service. This vulnerability "could potentially allow a user to gain access to another customer's resources by using the account's primary read-write key," it was explained.

More on the Azure Cosmos DB service's security problems can be found in in this Redmond article.