IpCam_User
n3wb
This is not an accurate statement. Any company that is using Amazon Web Services, VMWare Web Services, Microsoft Azur, are all using Virtual Machines. It would be most excellent if it were impossible to hack a VM but they have the same flaws as physical servers/workstations do. Virtual networks have the same flaws a managed switches. This is why we have to continue to apply security patches that are released by VMWare to our ESXi servers. We also apply Microsoft's Monthly Security Patches to all of our MS VMs and our Linux teams apply security patches to all of our Linux VMs. (Lets not get started on updating all the programs we us when a new version comes out that closes a security hole.}Unless I'm very mistaken you cannot hack a Virtual Machine.
VMs used for live virus testing would be similar to someone using a workstation that was air gaped from the world, or a set of say 4 workstations plugged in to a 4 port ethernet switch so they can see how it spreads across a network that is air gaped from anything other than those 4 workstations. The advantage of using a VM in this situation is the single airgaped VM can run all four VMs on a virtual switch and thus is cheaper to use/operate than buying all the extra hardware that used to be needed to do the same setup {granted there are some other advantages}.
Also, as a better practice, do not use the same username/password to log in to each workstation. Create different accounts. Use something like KeePass to keep all the information on each workstation, account, password so you do not have to remember them all. {I use it on my Windows, Linux, and Android with my Windows one being my authoritative one and sync the rest to it.) This is even more so for the BI workstation/VM. This one act can help slow down a worm attempting to move through your network where as if all the workstations have the same username/password it is like giving the worm the keys to the castle.