W
What are some of the key cyber-
risks to data centres?
AMMAR ENAYA, REGIONAL
DIRECTOR – MIDDLE EAST,
TURKEY AND NORTH AFRICA
(METNA) AT VECTRA
Attackers are increasingly recognising
that the keys to the kingdom can
be found deeper in the physical
devices used to build the data centre
infrastructure. As a consequence,
security practitioners need to secure
their low-level data centre management
protocols, such as Intelligent Platform
Management Interfaces (IPMI).
These protocols are increasingly
targeted by attackers because they
create a backdoor into the virtualised
data centre environment, access to the
sub-OS environment and control over
hardware resources.
In spite of these risks, these protocols
are rarely effectively monitored by the
security solutions in place. In fact, 32%
of IPMI servers have been found to run
decades-old insecure versions, 5% were
‘secured’ by the default password, 30%
had easily guessable passwords and
only 72% had authentication access.
Today there are over 100,000 hosts
responding to IPMI queries made
across the public Internet, making it an
attractive target for cybercriminals.
We’ll continue to see lower level
architectural layers inside the data
centre becoming increasingly targeted
by cyberattacks.
This exposure represents an untapped
opportunity for the channel to create long
term, strategic engagements and create
value inside their clients’ organisations.
What best practice approach
should data centre owners take
to ensure the infrastructure
is well protected against
cyberattacks?
With cloud and VM mobility, it’s hard
for security teams to even keep a track
of what workloads are where, never
www.intelligentciso.com
|
Issue 17
FEATURE
mind securing them. Having security
detection and response tools that
integrate directly with the hypervisor
and/or cloud service can bridge that
gap. The question then becomes how
quickly and effectively can you detect
and respond to developing attacks in
your infrastructure?
Automation in cybersecurity can
take some of the heavy load off the
shoulders of human analysts and can
make a considerable contribution to
securing infrastructure.
Attackers are
increasingly
recognising that the
keys to the kingdom
can be found deeper
in the physical
devices used to
build the data centre
infrastructure.
AI has an increasingly important role
in this respect, not to replace, but to
augment humans and to make it easier
for them to operate by providing them
with security analysis and insights at a
speed and scale impossible for humans
to achieve.
This provides the opportunity to spot
and respond to attacks that gain a
foothold inside an organisation, before
they can move, escalate privileges and
meet their nefarious end game goals.
All defences are imperfect and you
increasingly achieve diminishing returns
for additional layers of defence.
Security leaders must adopt a healthy
paranoia of ‘I’m already compromised,
where and how?’ and it is imperative to
take an early detection and response
approach to active attacks.
49