Cybersecurity Risks Threaten the Physical Infrastructure of Data Centers

Protecting the physical infrastructure of a data center is a central concern for securing the facility’s servers, networks, and hosted data and applications.

After all, data centers are physical structures with real-world vulnerabilities based on all their connections for smart HVAC systems, fire suppression controls, electrical devices, and even security cameras.

Any digital device inside a data center that’s connected to a network could become a pathway for cyber-attacks, apart from the central racks of computer equipment and network gear itself.

Data center infrastructure management (DCIM) platforms provide facility managers with an ability to monitor and control the physical infrastructure inside a data center.

However, these same software platforms may also provide unauthorized access points for hackers to initiate unconventional cyber-attacks, such as uploading malicious backup files via payloads that are installed through physical devices.

In other cases, attackers may try to gain access and disrupt the cooling systems in a data center, causing servers to overheat and fail.

Another ongoing threat for data centers involves their need for an uninterruptible power supply (UPS). CISA has warned that bad actors are known to gain access to internet-connected UPS devices stemming from lax security measures that allow unchanged default usernames and passwords.

Related:5 Ways Data Centers Can Help Prevent Data Breaches

More than 20,000 instances of DCIM software, intelligent monitoring devices, thermal cooling management control systems, and rack power monitors were public-facing and vulnerable to cyberattacks in 2022, according to Cyble Research Labs.

Since then, more than half of data center operators (55%) have reported some kind of outage, according to the Uptime Institute’s Global Data Center Survey 2023.

Taking Steps to Protect Continual Data Center Uptime

Avoiding a cyber-attack on a physical data center requires operators to be exhaustive when mapping out the facility’s operational technology (OT), including its many connected devices and points of access.

To ensure continual uptime, facility managers should review their security protocols for critical systems involving infrastructure management, electrical management, building management, and security management.

DCIM software takes a holistic view to monitor, analyze, and manage a facility’s overall power and cooling systems, along with its server utilization, asset tracking, and other vital functions. OT networks employ dedicated communications protocols and redundant systems to maintain reliability and resilience.

Related:Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs

Standard security procedures include regularly updating and patching software applications. Another effective measure is network segmentation: data center OT networks should also be segmented apart from IT networks to further increase security.

Newer tools for data center OT security include unidirectional gateway technology solutions encased in hardware to maintain a singular one-way transfer of data between two networks, not back and forth. The software stores copies of active servers and devices from the OT network to share with the enterprise network in real time.

Because the hardware can only send data in one direction, newer attack vectors can never reach back into the network through the gateway server.

Electrical management systems are mission-critical for maintaining continual uptime in any data center. Attacks on electrical power generation and distribution systems can lead to disruptions or outright power failures. Data centers that get taken offline face costly service interruptions, hardware damages, customer data losses, and even potential lawsuits.

Another security concern for a data center involves building management systems that control building environments for temperature, humidity, airflow, and fire suppression. Each device and point of access can introduce opportunities for unauthorized access.

Related:A CISO’s Observations on Today’s Rapidly Evolving Cybersecurity Landscape

Likewise, if security management systems for video surveillance, access controls, and threat detection are compromised, unauthorized individuals might gain access to data center controls and operations.

Mitigating a Risk First Requires Understanding Its Consequences

To protect the critical physical infrastructure of a data center from cyber-attacks, facility managers first need to adopt a strong cyber risk framework as part of their overall security posture.

Good cyber risk governance starts by translating potential risks into monetary terms and then prioritizing the worst risks for remediation.

New strategies for risk mitigation include cyber risk quantification and management (CRQM) tools that can help data center operators assess the full range of business damages resulting from OT vulnerabilities.

CRQM tools thoroughly analyze the impacts of any potential cyber incidents and then prioritize the top sources of risk for mitigation.

Cyber risk assessments can also enhance cybersecurity assessments by adding deeper contextual information to the evaluation. In this way, data center operators can proactively manage their cyber risk portfolio to prioritize risk mitigation projects and make more informed cybersecurity investment decisions.

Jose Seara is CEO of DeNexus.