Guest Blog: Did WannaCrypt Wreck My Demo Infrastructure?
Security in the cloud will likely always be a hot topic of conversation, especially when there are global events like the recent WannaCrypt ransomware attack. IBM principal architect Erik Anderson recently addressed his responsibility for delivering “a reliable platform available for hundreds of other IBMers” in the midst of attacks like these, and the role Skytap and IBM both contribute to that reliability.
This story was originally written by Erik and published on his personal blog.
For those of you that follow me professionally, you know I own the demo strategy for IBM’s Cloud business unit. That leaves me responsible for ensuring we have a reliable platform available for hundreds of other IBMers to use with our clients—a responsibility I don’t take lightly.
The other day, I was asked whether or not we needed to be concerned about getting hacked/infected by the recent WannaCrypt ransomware in our demo infrastructure running on IBM Cloud for Skytap Solutions (ICSS). While you as my readers wouldn’t directly be affected by that, it seemed like a good opportunity to share a little bit about why I chose Skytap as our hosting platform.
But first, let’s start with the basics.
What is WannaCrypt?
WannaCrypt is a piece of ransomware that attacks Windows machines that have not been patched, encrypts files, and requires payment for the files to be decrypted. More details about WannaCrypt can be found here.
Well, were you affected?
Fortunately, the short answer is NO!
Why was this a non-issue for the demo infrastructure?
The main reason why this wasn’t an issue is really the way the fundamental architecture is implemented for running workloads in Skytap.
When VMs run in Skytap, they are located on their own software defined network that is isolated from the public internet. Therefore, hackers and other ill-intentioned persons can’t get to the VMs that are running in these isolated network spaces. This is a huge benefit from a security perspective, but the benefits don’t stop there.
This networking model also allows us to run multiple copies of the exact same environment without the trouble of duplicate IP addresses. Imagine being able to configure a demo environment once, then create and use an identical copy – in parallel – tens or hundreds of times all with a few clicks of a button.
Is there a way to still get access to specific applications running on the VMs?
Yes, Skytap also provides something called Published Services that expose a specific application port to the outside world to address these needs. The published service will give you access to specific ports on your VMs and won’t change from launch to launch. More detail on published services is here.
What’s the bottom line?
In addition to being able to avoid security issues with vulnerabilities like WannaCrypt, ICSS allows our technical sellers to spin up demo environments in real-time, while saving over 80% of the infrastructure costs required to deliver the service when compared against other hosting environments.