Shielded VM: Your ticket to guarding against rootkits and exfiltration

In the cloud, establishing trust in your environment is multifaceted, involving hardware and firmware, as well as host and guest operating systems. Unfortunately, threats like boot malware or firmware rootkits can stay undetected for a long time, and an infected virtual machine can continue to boot in a compromised state even after you’ve installed legitimate software.

Last week at Google Cloud Next ’19, we announced the general availability of Shielded VM—virtual machine instances that are hardened with a set of easily configurable security features that assure you that when your VM boots, it’s running a verified bootloader and kernel.

Shielded VM can help you protect your system from attack vectors like:

• Malicious guest OS firmware, including malicious UEFI extensions

• Boot and kernel vulnerabilities in guest OS

• Malicious insiders within your organization

To guard against these kinds of advanced persistent attacks, Shielded VM uses:

• Unified Extensible Firmware Interface (UEFI): Ensures that firmware is signed and verified

• Secure and Measured Boot: Help ensure that a VM boots an expected, healthy kernel

• Virtual Trusted Platform Module (vTPM): Establishes a root-of-trust, underpins Measured Boot, and prevents exfiltration of vTPM-sealed secrets

• Integrity Monitoring: Provides tamper-evident logging, integrated with Stackdriver, to help you quickly identify and remediate changes to a known integrity state

Gemalto, a global security company focused on financial services, enterprise, telecom, and public sectors, turned to Shielded VM for its SafeNet Data Protection On Demand Cloud HSM solution, which provides a wide range of cloud HSM and key management services through a simple online marketplace.

"Shielded VM lets us better protect sensitive applications in the cloud,” said Raphaël de Cormis, VP Innovation at Gemalto. “Using Shielded VM, we envision our customers get increased protection from remote attacks and can meet strict regulatory requirements for data protection and encryption key ownership. And the point/click/deploy model of Shielded VM makes increasing security quick and simple."

Image availability
Shielded VM is available in all of the same regions as Google Compute Engine, and there is no separate charge for using it. Shielded VM is available for the following Google-curated images:

• CentOS 7

• Container-Optimized OS 69+

• Red Hat Enterprise Linux 7

• Ubuntu 16.04 LTS (coming soon)

• Ubuntu 18.04 LTS

• Windows Server 2012 R2 (Datacenter Core and Datacenter)

• Windows Server 2016 (Datacenter Core and Datacenter)

• Windows Server 2019 (Datacenter Core and Datacenter)

• Windows Server version 1709 Datacenter Core

• Windows Server version 1803 Datacenter Core

• Windows Server version 1809 Datacenter Core

You can also find Shielded VM in the GCP Marketplace. These images, brought to you in collaboration with the Center for Internet Security (CIS), include:

• CIS CentOS Linux 7

• CIS Microsoft Windows Server 2012 R2

• CIS Microsoft Windows Server 2016

• CIS Red Hat Enterprise Linux 7

• CIS Ubuntu Linux 18.04

"Bringing CIS Hardened Images to Shielded VM gives users a VM image that's been both hardened to meet our CIS Benchmarks, and that’s verified to protect against rootkits,” said Curtis Dukes, Executive Vice President of Security Best Practices at CIS. “These additional layers of security give customers a platform they can trust to protect their critical applications."

And if you prefer to import a custom image, Shielded VM now lets you transform an existing VM into a Shielded VM that runs on GCP, bringing verifiable integrity and exfiltration resistance to your existing images.

Getting started
It’s easy to get started with Shielded VM. In the GCP Console, when you're creating a new VM instance or instance template, simply check the "Show images with Shielded VM features" checkbox.

Next, you can adjust your Shielded VM configuration options under the Security tab. Here you can gain more granular control over Shielded VM functionality, including the option to enable or disable Secure Boot, vTPM, and integrity monitoring. By default, vTPM and integrity monitoring are enabled; Secure Boot requires explicit opt-in.

If you're looking for additional centralized and programmatic control over your organization's VM instances, we've also made a new organization policy available for Shielded VM. This constraint, when enabled, requires all new Compute Engine VM instances to use shielded disk images and to enable vTPM and integrity monitoring.

All functionality exposed via the GCP Console is also available using gcloud.

What's next?
As methods for attackers to persist on and exfiltrate from VM instances grow more sophisticated, so too must your defenses. Shielded VM allows you to stay one step ahead of the game by leveraging the security benefits of UEFI firmware, Secure Boot, and vTPM. To learn more, please check out the Shielded VM documentation.

You can also join the conversation in the Shielded VM discussion group and make feature suggestions here. We look forward to hearing from you and helping you harden your cloud infrastructure!