December 12, 2023 at 02:44PM
Security vulnerabilities in Google Cloud’s “Dataproc” service could allow hackers to access sensitive data and execute unauthorized operations due to default open firewall ports without authentication. Despite researchers’ efforts, Google has not addressed the issue. They recommend proper network segmentation and vulnerability management to mitigate the risk until a fix is implemented.
Based on the meeting notes, here are the key takeaways:
– Security controls in Google Cloud’s Dataproc service for data scientists are lacking and could potentially allow hackers to create applications, execute operations, and access sensitive data in Internet-facing environments.
– The issue specifically lies with two default open firewall ports used by Dataproc, which do not require any authentication, making it susceptible to potential attacks.
– The presence of these default open firewall ports in Dataproc could lead to the breach of sensitive data used for analysis, exposing customer data, business intelligence, and other proprietary information.
– Google has been made aware of these security risks by the Orca Research Pod, but the issue has not yet been resolved, and Google has not responded to requests for comment.
– Orca researchers have suggested potential solutions for Google to implement, such as enabling authentication by default in Dataproc to prevent unauthenticated access to the cluster Web interfaces.
– To address the potential security risks, Dataproc admins are recommended to practice effective vulnerability management, properly segment networks, and adjust firewall rules.
In the absence of a fix from Google, organizations are advised to take measures to ensure that their GCP Dataproc clusters are not configured in a way that makes them vulnerable.