Security Attacks and Threats
As the ICT infrastructure for data centers and enterprise services, Kunpeng servers are customers' core assets and serve as the cornerstone for the stable operation of critical IT infrastructure and enterprise workloads. The availability of enterprise applications and services, together with the security of networks and data, depends on the security of the computing platform. The security of computing platform hardware (primarily chips and boards) and firmware (including BIOS, iBMC, and device-specific firmware) forms the foundation of IT infrastructure security.
Based on the product positioning and service application scenarios, key assets of Kunpeng products are classified into data, hardware, and software. Major security threats are as follows:
| Core Asset | Threat | Description |
|---|---|---|
| Data | Unauthorized authentication | Attackers may launch brute force cracking and social engineering attacks to obtain unauthorized authentication and then steal service data, causing information leakage. |
| | Physical intrusion | Attackers illegally obtain the storage media of the server to steal or modify data, causing service data leakage or tampering. |
| | Side-channel attacks | Attackers crack cryptographic algorithms and obtain keys through signal processing, mathematical modeling, and correlation calculation. |
| | Probe attacks | Attackers obtain sensitive information by probing key signal lines. |
| | Software vulnerability exploitation | Attackers exploit vulnerabilities of open-source or third-party software, system software, and applications to launch attacks, such as buffer overflow, to read, modify, and delete data. |
| | Trojan horse | Attackers implant Trojan horses to modify firmware or obtain customer data stored in the system. As a result, the system runs abnormally or information is leaked. |
| | Supply chain process attacks | Attackers exploit weaknesses in oversight during the supply chain process, such as manufacturing, assembly, transportation, and warehousing. The attackers modify or replace hardware components to illegally obtain sensitive data. |
| Software | Unauthorized access | Unauthorized users access the system to obtain or tamper with system resources. |
| | Privilege escalation or abuse | Attackers escalate their privileges to access unauthorized resources or perform unauthorized operations. |
| | System time tampering attacks | Attackers maliciously modify the system time, causing system instability and out-of-sequence log records. This manipulation conceals or erases attack traces and enables attackers to bypass security auditing. |
| | DoS attacks | Attackers initiate DoS attacks over the network, causing service disruption on the server. |
| | Firmware tampering attacks | Attackers use the OS to illegally upgrade or tamper with firmware (such as the NIC and RAID controller card), causing the system to run abnormally. |
| | Known vulnerabilities | Attackers exploit known vulnerabilities of the OS, software, or firmware to attack the system, causing information leakage or tampering, and affecting stable running of the service system. |
| | Malicious code implantation | Attackers implant malicious code or Trojan horses in the open-source code of the software acceleration library to initiate attacks, causing information leakage or program exceptions. |
| | Weak password attacks | Attackers exploit default passwords and weak passwords to attack the system upon illegal login. |
| | Reverse analysis | Attackers use reverse analysis tools to perform reverse analysis on firmware or applications, causing leakage of key intellectual property information and vulnerability discovery. |
| Hardware | Physical intrusion, tampering, and replacement | Attackers illegally obtain storage devices, memory, PCIe cards, and other components through theft or substitution, resulting in asset loss. They can also compromise systems by tampering with or replacing hardware to launch further attacks. |
| | Physical environment attacks | Attackers use environmental factors, such as vibration and high temperature, to damage hardware assets and cause device exceptions. |