On the 19th August we were contacted about a potential compromise by the ABC. The IP address and Nectar were listed along with several other Australian organisations on a recent airing of the TV program Four Corners. The identified Virtual Machine was confirmed to be a single virtual machine which is part of a short-term startup-allocation. There was no evidence of compromise to any other IT infrastructure or other users virtual machines. The identified Virtual Machine was stopped and locked in order to prevent further access back in May last year (2015).
The Nectar cloud is architected to ensure isolation of user’s Virtual Machines from other servers running on the cloud, mitigating the impact of cyber-security breaches. The Nectar cloud operates on dedicated networks fire-walled from other critical IT infrastructure. Nectar has standard procedures for managing cyber-security breaches of user’s Virtual Machines running on the Nectar cloud and these have been followed in this case.
NeCTAR works with the Australian research community to improve cyber-security practice for servers deployed on the Nectar cloud.
If you have any concerns or questions about cyber security in the Nectar Research Cloud you can visit our support site https://support.ehelp.edu.au to search the knowledge base or contact the help desk.
(Updated at 11:25 30 Aug 2016)