The latest hack published by Wiz is a momentous warning bell for the Cloud infosec community. It goes well beyond privilege escalation in a Jupyter notebook container managed by some Azure team. It raises several key questions which apply not only to Microsoft, but to Amazon and Google as well:
- should features requiring service integration be subject to customer opt-in and opt-out, no matter how appealing they look? I remember the day when notebooks were 'enforced' in all CosmosDB accounts very well. It made me grumpier than usual ;-)
- are services other than CosmosDB susceptible to similar, complex PaaS integration issues?
- how to ensure indisputable, non-drifting customer isolation in PaaS integration scenarios?
- are access bypasses (e.g. Azure Portal and Public Azure Datacenter IP ranges) viable long-term solutions for PaaS integration?
- shouldn't PaaS integration rely on a limited library of battle-hardened patterns that all Cloud PMs have to use consistently?
- shouldn't Cloud providers put more effort into building automated, scalable and transparent APIs that give their customers assurance that their assets haven't been impacted by a vulnerability? Rather than numb security bulletins and hollow emails? Assuming the worst.
In such stories, providers are not the only ones that should be blamed. Customers also bear their share of responsibility.