secior datacenter cooling unit

ARTICLE

Technical datacenter infrastructure, the 'forgotten' security risk

By Sander Nieuwmeijer
November 2020 – DatacenterWorks

On May 9, all systems controlling shipping and road traffic around the Iranian port of Sharid Rejaee crashed simultaneously. The cyber attack, which shut down traffic around the port for days, was carried out by Israeli “state hackers” in retaliation for an Iranian cyber attack on a water distribution system in northern Israel. The Washington Post reported it more than a week later, when satellite images showed large numbers of ships waiting in the Strait of Hormuz. Several data centers, such as a few weeks ago at Equinix, have also been victims of successful cyber attacks. But most incidents are not even mentioned in the press.

About a year ago, together with a small group of specialists, I started a study into the cyber risks of data centers. After 20 years of designing, building, managing and operating data centers, I knew the vulnerabilities of facility infrastructure. After studying hundreds of publications and after dozens of conversations with security experts, data center administrators and suppliers, it became clear that the risks hidden in the technical infrastructure of a data center are hugely underestimated.

The most effective way to sabotage multiple computer systems or an entire data center is a cyber attack on the technical infrastructure. It is easier to shut down a data center by disabling the cooling system than by attacking each of the servers.

The power supply is the most critical infrastructure of a data center. Our research showed that quite a few respondents thought that protecting the power supply through redundancy and limiting physical access was already an adequate security shell.

The technical infrastructure of data centers is comparable to that of industrial facilities where operational technology is used to manage and monitor production processes. However, these industrial monitoring systems have never been designed with security in mind. Industrial Automation Control Systems – or Operational Technology (OT) – have historically been a separate camp with IT. OT environments often ran locally on their own hardware and software. Linking it to IT makes management much more efficient, but also more vulnerable because it makes them digitally accessible.

While conducting research, we discovered that many OT systems are often easy to access from the outside and are an easy prey for cyber attacks with default passwords. These OT systems had often not been patched for years, because the manufacturer is slow to release upgrades or people were hesitant to upload them for fear of a (production) interruption. OT is also years behind IT, widely used protocols such as Modbus are more than 40 years old.

Power supplies, cooling systems and even security systems are susceptible to targeted cyber attacks. But nowadays simple IoT components can also serve as an entrance.

Above all, the creativity of cyber criminals has really amazed us. In the field of Social Engineering, they are getting smarter with the penetration of a company. Employees or suppliers are unknowingly involved in more than 90% of cyber incidents.

A cyber risk is determined based on the degree of threat, your vulnerability and the impact. Gaining insight is necessary, because you do not know what you do not know. A cybersecurity risk assessment is therefore a good starting point.

SECIOR INDUSTRIAL CYBERSECURITY

HOW CAN WE HELP YOU ?

Every industrial cybersecurity question demands a tailor-made answer and solution. Our focused team of professionals who understand your business are here to assist your company in securing your mission critical facilities to the highest level.

STAY UPDATED

Stay informed about latest developments and upcoming activities in the field of Industrial cybersecurity.