User Virtual Machine Compromise – Media Reference
On the 19th August we were contacted about a potential compromise by the ABC. The IP address and Nectar were listed along with several other Australian organisations on a recent airing of the TV program Four Corners. The identified Virtual Machine was confirmed to be a single virtual machine which is part of a short-term startup-allocation. There was no evidence of compromise to any other IT infrastructure or other users virtual machines. The identified Virtual Machine was stopped and locked in order to prevent further access back in May last year (2015).
The Nectar cloud is architected to ensure isolation of user’s Virtual Machines from other servers running on the cloud, mitigating the impact of cyber-security breaches. The Nectar cloud operates on dedicated networks fire-walled from other critical IT infrastructure. We actively monitor the service looking for compromised and potentially compromised instances. When a compromised instance is discovered, the VM is immediately taken offline.
NeCTAR works with the Australian research community to improve cyber-security practice for servers deployed on the Nectar cloud.
If you have any concerns or questions about cyber security in the Nectar Research Cloud you can visit our support site https://support.ehelp.edu.au to search the knowledge base or contact the help desk.