DataCenterNews Asia logo
Specialist data center news for Asia
Story image

Data centre cybersecurity actions that most people overlook

By Contributor
Fri 18 Jan 2019
FYI, this story is more than a year old

Article by Schneider Electric Innovation and Data Center vice president Steven Carlini

It’s been well publicised that Microsoft fends off more than 7 trillion cyberthreats per day, and allocates over $1 billion each year to cybersecurity for its cloud data centers.

While your data center may not see “trillions” of cyberthreats per day (and you may not spend in the “billions” to protect your company’s data), I bet that you have a comprehensive plan in place for the protection of your digital data from theft or corruption.

Signs of effective data center cybersecurity

Effective data center cybersecurity practices include: Encrypted devices, firewalls, IDS/IPS, SIEM’s, SOC’s, stringent physical security, with documented procedures and clearly-defined business protocols.

If you consider cybersecurity a priority, you may have secured the main entry point (core), put your IT systems into “clusters” and redundantly protect those, and hard connected IT devices through physical communications cables.

Cybersecure-conscious companies integrate executive oversight to their c-suite team and add a new role of chief security officer. Rigorous audits are common and important compliance standards could include, but are not limited to:

  • NIST 800-53 PE and FISMA
  • SSAE-18 (SOC 1)/ISAE 3402
  • HIPM
  • ISO27001

Cybersecurity threats: Learn from these real-life examples

With these types of measures in place, companies are most likely confident in fending off cyberattacks. But history has shown that no fortress is impenetrable and a common theme is woven into the most famous and costly breaches.

In military terms it is called a flanking manoeuvre, which is an attack on the sides or rear of an opposing force. Flanking is useful because an army’s power is typically concentrated in its front – as is cybersecurity.

Let’s look at a couple of high-profile flanking breaches:

Uber – Uber CEO Dara Khosrowshahi said two hackers stole the personal data of 57 million Uber users, including phone numbers, email addresses, and names, and the driver’s licence numbers of 600,000 Uber drivers in 2016.

The hackers got in through Uber’s GitHub account, a site its engineers use to code applications and track projects. There, hackers found the username and password to access Uber user data. GitHub is an engineering development site – not associated with any customer or driver accounts. However, it resides on the same network.

Target – In 2013, attackers first broke into the retailer’s network by using network credentials stolen from Fazio Mechanical Services, a Sharpsburg, Pennsylvania based provider of refrigeration and HVAC systems, according to USA Today.

Personally Identifiable Information (PII) of 70 million customers was compromised, including names, addresses, email addresses, and telephone numbers. Target’s CIO resigned in March 2014, and its CEO resigned in May of the same year. The company estimated the cost of the breach at $162 million.

Cooling system vendors need to be able to remotely access systems to conduct maintenance or to troubleshoot glitches and connectivity issues with the software.

This is mainly for cost savings, versus dispatching service personnel to the site. It’s clear why Target gave an HVAC company external network access, but company leaders obviously had no idea it could be used to access Target’s payment system network.

Ukraine Power Grid – A successful cyberattack on a power grid was carried out in December 2015.

Hackers successfully compromised the information systems of three energy distribution companies in Ukraine to temporarily disrupt electricity supply from 30 substations, leaving 230,000 people without electricity for a period from 1-to-6 hours.

Energy companies use SCADA (Supervisory Control and Data Acquisition) systems where the hackers were able to remotely switch off substations by hijacking unprotected networks through which uninterruptible power supplies were communicating.

Securing your greater digital ecosystem

As you can see it’s necessary to think about your entire digital ecosystem with a wide view that sees beyond the boundaries of your IT room.

In the data center, most of the focus has been on defending the core where all the servers and storage are located. But cybercriminals are looking at where they can flank your position, as shown by the cyberattack cases.

It’s time to look at cyber protection from all perspectives and all domains of the data center. Data Center are sometimes conceived, designed, constructed, and managed in three domains – IT Room, Power, and Building (cooling).

Protecting your digital vulnerabilities from cybersecurity attacks

Knowing where your systems are vulnerable is the key to protecting them.

As we have seen from the examples, once cybercriminals get inside your firewalls, they can navigate their way to customer data or even shut down your business functions or power.

These peripheral areas and components are not your core competency – the IT room is. This is precisely where Schneider Electric can help.

Schneider can provide a comprehensive assessment and analysis to reveal the gaps between where you are now and worry-free protection.

We can deliver a clear roadmap and action plan, which designates the right people, processes, and technologies to bridge the gaps in your data center and minimise the possibility of a cybersecurity flank attack.

Related stories
Top stories
Story image
Microsoft, Cloudian partnership offers data center flexibility
Cloudian’s HyperStore object storage platform is now integrated and validated to work with Microsoft SQ Server 2022, offering more flexible and scalable data centers.
Story image
SoftIron named global leader for efficient DC infrastructure solutions
SoftIron has been named a global leader for supplying energy-efficient data infrastructure solutions for core-to-edge data centers after an assessment by Earth Capital Ltd.
Story image
Aligned Data Centers increases sustainability-linked loan
Aligned Data Centers has increased its sustainability-linked loan from $375 million to $1.75 billion to speed up the next phase of its strategic growth.
Story image
Tech job moves - Forcepoint, Malwarebytes, SolarWinds & VMware
We round up all job appointments from May 13-20, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Intel unveils new investments for data center sustainability
Intel has announced two new investments, continuing its efforts to create more sustainable data center technology.
Story image
AirTrunk boosts Japan presence with West Tokyo data center
AirTrunk is planning to build TOK2, a new hyperscale data center in Japan which will strengthen the company’s presence in the country.
Story image
SAS Viya on Microsoft Azure to deliver 204% return - study
The Forrester Total Economic Impact study finds SAS Viya on Microsoft Azure brings a 204% return on investment over three years.
Story image
SpaceDC partners with Aofei for data center sales in Asia
SpaceDC has partnered with Aofei Data International to sell Aofei's data centers, CDN and SDN in China.
Story image
Data Center
Preventing downtime costs and damage with Distributed Infrastructure Management
Distributed Infrastructure Management (DIM) can often be a lifeline for many enterprises that work with highly critical ICT infrastructure and power sources.
Story image
Report - Data investment the key to better business growth
New research from Digital Realty has revealed that almost half (47%) of IT leaders globally believe their business investment in data systems and infrastructure is a key obstacle or concern.
Story image
Orange moves Siemens AG’s entire operations to a SD-WAN
Orange Business Services has migrated Siemens AG's entire global operations, 1168 sites across 94 countries, to a SD-WAN
Story image
Cisco reveals new tech, intends to prevent network issues
Cisco has revealed new technology intended to mitigate costly disruptions by aiding IT teams in learning, predicting and planning.
Story image
Data Center
CBRE finds record levels of investment in APAC data centers
CBRE's new report finds direct investment in the sector more than doubled in 2021, surpassing investment volumes for the past four years combined
Story image
Data Center
Tier III Ready Datacenter solutions shortlisted for major awards
"These designs will accelerate data center clients' own Tier III certification, reduce the cost, and fast-track their time to market."
Story image
Akamai announces new products across security, computing
Akamai has announced a series of new products and updates to existing products across its security and compute product lines, including its entry into the infrastructure as a service (IaaS) market.
Story image
Genetec launches new enclosure management system for data centers
Genetec has released a new enclosure management solution that will give data centers the ability to secure, monitor and manage access to racks and cabinets remotely.
Find out how a behavioural analytics-driven approach can transform security operations with the new Exabeam commissioned Forrester study.
Link image
Story image
Legrand unveils Nexpand, a data center cabinet platform
Legrand has unveiled a new data center cabinet platform, Nexpand, to offer the necessary scalability and future-proof architecture for digital transformation.
Story image
Power / Energy
Keysight Technologies introduces new next-gen DPT solution
Keysight Technologies has announced its new next-generation Double-Pulse Tester (DPT) with the PD1550A Advanced Dynamic Power Device Analyser.
Story image
Daikin and SP Group to build new energy efficient district cooling system
The project, set to be complete by 2025, will create a system with a cooling capacity of up to 36,000 refrigerant tonnes (RT). 
Story image
Microsoft unveils adaptive accessories for disability access
Microsoft is introducing an expansive Inclusive Tech Lab to give people with disabilities greater access to technology through new software features and adaptive accessories.
Story image
The 'A-B-C' of effective application security
Software applications have been a key tool for businesses for decades, but the way they are designed and operated has changed during the past few years.
Story image
Colt connectivity with AWS increases services in Asia
Colt Technology Services expands cloud connectivity to AWS Direct Connect Hosted services, with speeds of up to 10 Gbps in Asia.
Story image
Siemens showcases new automated solutions for data centers
Siemens has implemented new automated solutions and AI in the Baltic region's largest data center, providing insight into the future of data center management.
Story image
Power / Energy
DigitalBridge makes $30 million equity investment in LEDC
Leading Edge Data Centres (LEDC) has announced it has secured an AUD$30 million equity investment in its regional edge network from an affiliate of DigitalBridge Group, DigitalBridge.
Story image
Digital Edge chooses Nortek’s StatePoint for new data center
Digital Edge will use Nortek's StatePoint liquid cooling technology in its new data center, the first commercial colocation operator in Asia to do so.
Story image
Talend introduces new data health solutions for businesses
Talend has announced its latest version of Talend Data Fabric, with the release of Talend Trust Score enabling data teams to establish a foundation for data health.
Story image
Digital Transformation
Multiplex, NEXTDC making strong progress on S3 data centre
Multiplex has made a significant achievement on Stage 1 of NEXTDC’s S3 data centre, ‘topping out’ the structure in the Artarmon on Sydney’s lower North Shore.
Story image
Odaseva expands in APAC and UK with more security features
Odaseva, a data platform for Salesforce, is establishing new headquarters in London as well as a new data center in India.
Story image
Tech Data
Tech Data to use Pluribus Networks’ cloud solutions in APAC
Tech Data says using Pluribus Networks' Unified Cloud Fabric solution will be a "game-changer" for its data center infrastructure customers and partners.
Story image
NVIDIA announces a spate of new innovations at Computex 2022
NVIDIA has announced its latest innovations in data center, robotics, content creation, and gaming in a virtual keynote address on the opening day of Computex 2022 in Taipei.
Story image
New strategies for cloud-native attacks - Aqua Security
New research from Aqua Security reveals attackers are using more sophisticated techniques to target cloud-native environments.
Story image
Databricks grows in APAC market, expands into Korea
Databricks officially launches a local office in Seoul, Korea, building on existing partnerships with Cloocus, Megazone and the Weverse Company
Story image
NTT launches IoT Services for Sustainability offering
"We know what actions are needed to build a more sustainable future and have a robust suite of technologies available to help deliver this impact."
Story image
Red Hat
Red Hat expands capabilities to provide streamlined application development in cloud
"Application development is undergoing significant change and developers need tools to support this transformation."
Story image
Digital Transformation
EdgeConneX enters Indonesia, plans for data center campus
EdgeConnex has announced it is expanding its presence in Asia with the acquisition of GTN Data Center in Indonesia.
Story image
New high-performance cable in the works for Asia
A new high-performance submarine cable is being built to enhance connectivity between Hong Kong, China and Southeast Asia.
Story image
Disaster Recovery
Kacific launches emergency connectivity offering, CommsBox
Kacific has announced the release of a new emergency connectivity offering designed to rapidly provide broadband service in emergency or disaster zones.
Story image
Telstra expands business offerings in the Philippines
The expansion aims to offer more choice for customers and enhance connectivity into the Philippines, and within the country.
Story image
Data Center
Digital Edge to build South Korea's largest commercial data center
The project will be the largest commercial data center project in South Korea with total IT power of 120MW and a capital investment of more than KWR$1 trillion.
Story image
Digital Transformation
The Huawei APAC conference kicks off with digital transformation
More than 1500 people from across APAC have gathered for the Huawei APAC Digital Innovation Congress to explore the future of digital innovation.
Story image
Energy storage demand momentum continues, says BYD
BYD has announced an expansion of its production capacities and will deliver 250,000 units of its energy storage system, BYD Battery-Box Premium.
Story image
Data and analytics could be key to higher selling prices in APAC
Sisense's latest report has found that almost half of data professionals in APAC think customised data and analytics can create better selling prices for their products.
Story image
AyalaLand and FLOW partner for data center development
AyalaLand Logistics Holdings Corp (ALLHC) and FLOW Digital Infrastructure have entered into a framework agreement to bolster the development of carrier-neutral data centers in the Philippines.