Under attack: The growing cybersecurity threats facing our data centres

Author: Milan Vujasinovic, Sunil Sharma

At a glance

Data centres are the quiet achievers that enable modern life to function. Businesses rely on these complex, highly automated facilities to support them in everything from customer relationship management to email and file sharing. However, the very features that make data centres reliable also make them vulnerable. Without proper protection from cyber attacks, data centres’ sophisticated functioning can be exploited, often with disastrous outcomes.

The critical role and vulnerabilities of data centres

Data centres are physical facilities that house the routers, switches and servers that are essential for communication, operation of critical infrastructure, and storage of confidential information. They often interface with multiple other data centres as well as the cloud – itself a collection of data centres – and are complex and highly automated.

Yet the sophisticated features of data centres, such as power supply and cooling systems, as well as various smart, connected devices used for security and surveillance, environmental monitoring and control, can be exploited as vulnerabilities without proper protection from cyber threats. Cybersecurity breaches can have large-scale and far-reaching consequences well beyond the scope and scale of a facility itself, affecting a company’s bottom line, reputation and, in some cases, leading to legal action.

Cyber threats are ever-evolving – cyber criminals are becoming savvier about how to infiltrate and disrupt. Phishing, malware and Distributed Denial of Service attacks are more frequent than ever before. This leaves data centres – including the physical infrastructure like servers and storage – in a potentially vulnerable position.

A high-profile example of the vulnerability of physical infrastructure was the suicide bombing near an AT&T facility that took place in Nashville in late 2020. The explosion damaged surrounding structures and caused telephone and internet outages, including disruption to emergency and first responder communications infrastructure that, in some instances, impacted centres for over a week.

Additionally, because of the significant damage to the building, two water main breaks flooded the facility's onsite generators, leading to further outages and complicating recovery efforts. The cascading nature of the disruptions highlights the importance of understanding system interdependencies in complex facilities such as data centres.

Common challenges in securing data centres

The technological landscape is changing all the time, and while risks can be designed out for new facilities, existing data centres operate using legacy systems. These systems often lack built-in security features, and some are no longer supported by suppliers and manufacturers, making it difficult to retrofit or upgrade them. Additionally, concerns about cost and a lack of understanding about the risks associated with not upgrading can lead to delayed upgrades.

There is a raft of regulatory requirements and compliance standards for data centre cybersecurity that businesses are obligated to meet, including GDPR in the UK and recently expanded legislation in Singapore. It is critical that data centres adhere to these regulations to avoid legal repercussions and maintain trust with clients and stakeholders.

Best practices and trends in cybersecurity

It’s vital that organisations make cybersecurity a top priority when it comes to their business operations. Security should be designed into new data centres from the start. Regular security audits and penetration testing are also vital in helping to identify and address vulnerabilities. Additionally, sound staff training and awareness-raising help ensure employees adhere to security protocols and understand the wide-ranging ramifications of security breaches. Having a robust incident response plan in place is also important, so that any cybersecurity incidents can be dealt with quickly and effectively.

Cloud-based data centres come with their own unique security challenges and solutions. The World Economic Forum’s Global Cybersecurity Outlook 2024 revealed that, of the organisations that suffered a cyber security incident in the previous 12 months with a significant impact on their financial position, operation or relationship with customers, 41 per cent said a third party caused it.

Like technology more broadly, the cybersecurity landscape is evolving. Future trends in cybersecurity that data centres should be aware of include understanding the impact of the new technologies they adopt, managing supply chain risks and those from third-party relationships, as well as investing in and building awareness of security fundamentals. Effectively navigating the evolving cybersecurity landscape will require data centres to balance an acceptance of ongoing cyber risk with bolstering their resilience and capacity for recovery.

Five cybersecurity tips for data centres

Ongoing vigilance and investment in security measures are critical for the cybersecurity of data centres. To stay ahead of emerging threats and continually improve security, data centres should:

  • Embrace emerging technologies like artificial intelligence and machine learning, which can help to detect abnormal behaviour patterns that may indicate cyber threats.

  • Conduct frequent physical security and cybersecurity risk assessments as well as penetration testing to identify vulnerabilities. A novel way to test your critical infrastructure’s cybersecurity is to undertake ‘red teaming’ operations that simulate a range of physical and cyber attack scenarios against your facility and infrastructure. At the same time, vulnerability scanning should also encompass physical aspects, such as access control to facilities.

  • Adopt a defence-in-depth strategy by layering security measures. This starts with having robust access controls to restrict unauthorised access to facilities, as well as firewalls to filter incoming and outgoing traffic, intrusion detection systems to monitor for suspicious activity, and network segmentation to isolate critical components from less secure parts of a network.

  • Create a cybersecurity-aware culture that anticipates threats, rather than just reacting to them. Train employees to recognise phishing attempts and social engineering tactics. The right culture supports and strengthens cybersecurity by making it everyone’s responsibility. Ensure this culture extends to third-party contractors and organisations that you employ for maintenance, management, guarding, etc.

  • Stay ahead of evolving cyber threats in critical infrastructure by taking a holistic and proactive approach that combines technology, human expertise and collaboration. Adaptability is crucial in the ever-changing cybersecurity landscape.

To learn more about cybersecurity as it relates to critical infrastructure such as data centres, download our report on Securing the backbone of our communities.
