Every version of Windows — client and server — has promised improved security. But with Windows 10 and Windows Server 2016, Microsoft is going beyond the usual incremental improvements and closing of loopholes and giving you the tools to reduce the dangers of phished credentials, over-privileged admins and untrustworthy binaries.
“In the past, security was always something that was part of another technology” says Jeff Woolsey, principal group program manager at Microsoft. “We needed to pull it out.”
Security and protecting identity comes up in every conversation Microsoft has with customers, he says. And the scale of attacks means that security isn’t just something for the IT team to worry about any more, adds Jeffrey Snover, lead architect for the enterprise cloud group and the Microsoft Azure stack. “When we asked customers ‘what are your IT concerns?’ there were some messages we heard consistently. There were too many stories about getting hacked and not knowing for months.”
Security, Snover says, has become a CEO issue since the CEO of Target was sacked over security issues. “Target was using IT as the core of its business value proposition. When that got hacked it threatened the business value and that’s why it was such an issue.”
Windows Server 2016 aims to offer better security in three main areas: protecting identity and credentials, securing virtual machines and protecting the operating system on your own servers and in the cloud.
Protect admin accounts
The way into organizations today is nearly always through the people who work there, with credentials stolen through social engineering and phishing attacks.
“We’re seeing a massive rise in what the bad guys are doing. They’re attacking from overseas in their pyjamas because they're not worried they’re going to get extradited. Historically, the network was seen as the primary attack surface. Really, identity is the new attack surface; this is how people are getting in the infrastructure. Getting malware into an infrastructure is not hard; getting you to click on something isn't as hard as people think.”
That’s not to say that you should forget about zero-day vulnerabilities and advanced attacks altogether. As Snover points out, “if nation states can do it today, it’s only a matter of time before the bad guys and the script kiddies can do it.” But, by and large, attackers will take the easiest route, and currently that’s identity.
Once they have one login, attackers can use it to move sideways to other systems in your business using techniques like ‘pass the hash’ and ‘pass the ticket’.
If the first account they get into doesn’t have much access, Snover says, “they will initiate a problem on the machine to get the helpdesk to log in to fix it, and often they have admin credentials.” Stealing those credentials gives them more access and it usually takes only 24 to 48 hours before attackers get into the domain admin account. That’s a big problem when attacks can remain undetected for up to 200 days. “A domain admin can do anything, for an unlimited amount of time,” he points out.
“With Windows Server 2016, we’ve made a big dent in the problem. For a start, the hash is encrypted. Credential Guard uses modern hardware — and it’s not even that modern, it’s a few years old; it leverages virtualization technology to protect the secrets on a machine against pass the hash and pass the ticket attacks. We also have remote Credential Guard: when you log in to RDP, we don’t send the credentials — instead we use single sign-on.”
Windows Server 2016 also includes defenses previously shipped as a PowerShell option. Just Enough Admin (JEA), Just in Time (JIT) reduces the usual unlimited admin privileges to “a bare minimum set of actions, which go through a workflow that’s both audited and limited in time,” Snover says. “With JEA when you connect to a machine as admin, it logs you in with a virtual shadow account that’s created on the fly, given limited privileges and locked down through PowerShell. With JIT, we have a model where the process grants you a secure token that’s valid for a limited set of machines for a limited amount of time.”
“Part of the challenge is that there's security and then there’s operational security. This is security you can operationalize. Operationally, you can set this up so you can get access during working hours, but not at times when admins aren’t working. Next, you have to say what you’re working on, so you could set that up through your trouble ticketing system. Then you think about what the workflow is for the different admin tasks, so you can assign a set of privileges on a set of machines for a duration.”
Woolsey explains what that might look like: “Say I’m the network admin and my job is to manage the network firewall. Ninety-nine percent of the time I should never be logged in as admin but people still log in and do email and browse the web as network admin. If I need to make a change on the firewall, maybe a majority of three people have got to vote yes to that and I have an hour to make those changes. If I come back after an hour and say didn't get things done, now there’s an auditing process. People can say ‘are you having a problem? do we need to look into this?’”
“We’ve upped our logging and auditing game,” adds Snover. “The new mentality is ‘assume breach’ — assume the bad guys are going to be there. So now everything is logged so you can find it. We’ve got over-the-shoulder and deep engine-level logging of all the content.”
Microsoft is also working on templates to help you assign JEA privileges to different roles and developing a tool to help you scan your domain servers to see how many admins you have. “One customer had 2,000 domain admins; they’d wanted to have 20. Another found one machine that had 187,000 unintentional admins,” principal program manager Dean Wells told CIO.com.
Currently, JEA works for Windows Server workloads. “This works in a Windows environment but when you need credentials to go outside that environment, you still have problems,” Snover admits. But JEA is a PowerShell tool, and that’s one reason why Microsoft is bringing PowerShell to Linux. The intent is to support this in PowerShell on other platforms. “Security on Linux is different, but we’re convinced we can do this.”
Shielding your virtual machines
For all its advantages, virtualization has also created some big problems, Woolsey points out. One of the most notable is that it’s a single point of failure.
“No one has done squat about the problem that it’s a single point of attack even we've known about this for decades. If I get into your virtualization host, I have access to all 50 or more VMs that you’re running; it's a catastrophe. It’s a whole bunch of systems that are encapsulated in a nice easy file for me to steal. I can copy a VM onto a USB stick and run it anywhere, because the VM doesn’t know what is valid hardware and fabric and what is not. And any local admin can undo anything the guest can do to protect itself. Anything you do to encrypt the VM, I can undo, by definition. Any seized or infected host admins can access guest VMs. If I can get your credentials, if I can harvest your virtual domain controller, then we're done; I own the keys to your kingdom.”
“Virtual machines,” Snover says, “are awesome in terms of agility, but not so much in terms of the security profile. In the original model with physical servers, who had access to that? The answer was the server admins; the storage admin didn’t, the network admin didn’t. But with VMs, all of a sudden a lot more people in a lot more different roles have access to the device and are able to copy it and look at the data. This is a real challenge especially in hosting environments where a bunch of those people are from different companies. We designed shielded VMs with this in mind so now only the virtual machine admin has access to it and shielded VMs can be by hosters you don't necessarily trust.”
The new shielded VMs in Windows Server 2016 are encrypted by BootLocker, and only run on a hardware fabric where the new Host Guardian Service (HGS) attests to the health of the host before it releases the keys you need to run (or migrate) the VMs. “The aim is to give a virtual machine the ability to defend itself from admins and hosts, from online and offline inspections, because the data in encrypted both at rest and in flight,” says Woolsey. “And they can only run on a host whose binaries, boot path and kernel all measure as healthy.”
“The data and the state of shielded VMs is protected against inspection theft and tampering from malware and data center admins, fabric admins, storage admins, virtualization admins. You can separate the domain admins from the IaaS admins. Shielded VMs can only run on attested fabrics that are designated as the owners of shielded virtual machines, which protects against rogue local admins.”
“We're making sure if a VM walks out the door, even if you're a full admin, it's an encrypted blob. If I’m a shielded VM, if this is not my fabric, I don't turn on, I can't be live migrated. And the admin can’t view memory contents when the VM is running; they can't fire up a debugger because the Host Guardian Service would see it.”
Woolsey says that shielded VMs are useful in a range of scenarios: “Hosters can leverage this for their tenants. Enterprises finally get strong separation of duty. It’s also useful in the branch office. Today, if you want to run sensitive workloads in a branch office you just don't because the server is going to be sitting under the receptionist's desk; now you could.”
Encrypting VMs could also help with inadvertent data leakage when server drives are removed. “They’re supposed to be recycled or destroyed but very often it doesn’t happen. If those drives are going out the side door, you want to make sure the data is protected.”
There are three parts to shielded VMs:
A Virtual Secure Mode uses hardware virtualization to protect the VM from the local admin (that’s the same technology Windows 10 and Windows Server 2016 use to protect login credentials). “If I'm the local admin, I can look at everything in memory,” says Woolsey. “With Virtual Secure Mode we create a tiny enclave off to the side of the Windows kernel and the only thing it does is talk to the Host Guardian Service, so you can't see it in the context of the kernel or the local admin.” That means the local admin can’t snoop through memory to find the credentials for encrypted VMs.
Host Guardian Service “is a critical piece of infrastructure that you run in a locked cage with two padlocks and a camera pointing at it. It runs in a separate domain and it doesn’t share trust with anything else inside your infrastructure,” says Woolsey. All it does is attest to the physical fabric your VMs run on. “It measures the boot process for the servers in the fabric, making sure no malware has got in and nothing has been contaminated in the boot process. It also monitors code integrity so that only processes that have been allowed can run.”
A virtual trusted platform module (vTPM) used by the VMs that is not tied to the physical TPM of the server because that would stop you migrating the VM. But you do need TPMs in your servers to make this work. “I’ve been very pointed with our server partners for some time that they need to be shipping servers with TPMs,” says Snover. “We’re going to be very hard core on that.”
You also need to be using ‘generation 2’ VMs, and you can only currently protect virtual machines whose host operating system is Windows 8, Windows Server 2012 or newer. Windows 7 and Windows Server 2008 R2 can’t be shielded. Microsoft is working with the Linux community to shield Linux VMs; that might become possible by the middle of 2017, Wells suggests.
Attackers and insiders
Woolsey adds that government agencies like the U.S. departments of State and Defense and the U.K. Ministry of Defence are planning to adopt shielded VMs. “When we do Common Criteria, one of the questions we always get asked is ‘what have you done about the rogue admin?’ We’ve always said that we know about the issue but it’s hard to address. We’ve been looking at it for both Azure and Windows Server, and this is how we’re solving the rogue admin problem.”
Attackers target administrators in phishing attacks to get access and without shielded VMs they can extract VMs and run them on their own hardware. But equally, an unhappy employee with admin access might take a copy of a VM. “This is the Snowden mitigation,” he suggests.
There are other security improvements in Windows Server 2016, from Active Directory support for containers so you don’t have to manage certificates for them independently, to restrictions on what code can be run. “It’s about protecting the host OS, so I can be sure that what it’s running is what I intended it to,” says Snover.
Device Guard is a new type of code integrity that limits what binaries can run. “It’s no longer just applying to the user, it can now protect itself against admin abuse,” explains Wells. If an admin tampers with code integrity policy and reboots a server, it will deliberately blue screen. That’s based on customer feedback, he says. “They’re making the call that a box contains sensitive workloads or data [and] would rather lose the workload than potentially lose the data.” Wells recommends deploying Device Guard in audit mode to see what will be affected.