DataCenterNews Asia
Specialist data center news for Asia

Top five security threats to data centres – and how to counter them

Wed 4 Nov 2015

Every day, attackers conspire to take down applications and steal data, leaving data center infrastructure in the crosshairs.

Storing an organisation’s most valuable and most visible assets – its web, DNS, database and email servers – data centers have become the number one target of cyber criminals, hacktivists and state-sponsored attackers.

Whether seeking financial gain, competitive intelligence or notoriety, attackers are carrying out their assaults using a range of weapons. The top five most dangerous threats to a data center are:

- DDoS attacks

- Web application attacks

- DNS infrastructure: attack target and collateral damage

- SSL-induced security blind spots

- Brute force and weak authentication

To counter these threats, organisations need a solution that can lock down their data centers. Otherwise they risk a high-profile data breach, downtime or even brand damage.

DDoS attacks

Servers are a prime target for distributed denial of service (DDoS) attacks aimed at disrupting and disabling essential internet services.

While web servers have been at the receiving end of DDoS attacks for years, attackers are now exploiting web application vulnerabilities to turn web servers into ‘bots’. They use these captive servers to attack other websites.

By leveraging web, DNS and NTP servers, attackers can amplify the size and the strength of DDoS attacks. While servers will never replace traditional PC-based botnets, their greater compute capacity and bandwidth enable them to carry out destructive attacks - one server could equal the attack power of hundreds of PCs.

With more and more DDoS attacks launched from servers, it’s not surprising that the size of attacks has grown sharply. Between 2011 and 2013, the average size of DDoS attacks surged from 4.7 to 10 Gbps.

Worse, there has been a staggering increase in the average packets per second in typical DDoS attacks; attack rates skyrocketed 1,850% to 7.8 Mpps between 2011 and 2013. At the current trajectory, DDoS attacks could reach 75 Mpps in 2015 - powerful enough to incapacitate most standard networking equipment.

DDoS for hire services, often called ‘booters’, have mushroomed too. Many advertise their capabilities in YouTube videos and forum posts. While some masquerade as ‘stress testing’ services, many boldly claim to ‘take enemies offline’ or ‘eliminate competitors’. Such services enable virtually any individual or organisation to execute a DDoS attack.

Web application attacks

Cyber criminals also launch web attacks like SQL injection, cross-site scripting (XSS) and cross-site request forgery (CSRF), trying to break into applications and steal data for profit. Increasingly, attackers target vulnerable web servers and install malicious code in order to transform them into DDoS attack sources.

Some 98% of all applications currently have or have had vulnerabilities, and the median number of vulnerabilities per application was 20 in 2014, according to a 2015 Trustwave Global Security Report.

Today’s most dangerous application threats, like SQL injection and cross-site scripting, aren’t new but they are still easy to perform and lethally effective. Tools like the Havij SQL injection tool enable hackers to automate their attack processes and quickly exploit vulnerabilities.

The recent wave of web attacks on CMS applications has also revealed a gaping hole in the strategy to lock down applications by writing secure code. Because CMS applications are usually developed by third parties, organisations can’t rely on the protection of secure coding. In 2013, 35% of all breaches were caused by web attacks. More than ever, organisations need a proactive defence to block web attacks and ‘virtually patch’ vulnerabilities.

DNS infrastructure

DNS servers have become a top attack target for two reasons. First, taking DNS servers offline is an easy way for attackers to keep thousands or millions of Internet subscribers from accessing the Internet. If attackers incapacitate an ISP’s DNS servers, they can prevent the ISP’s subscribers from resolving domain names, visiting websites, sending email and using other vital Internet services.

Secondly, attackers can exploit DNS servers to amplify DDoS attacks. In DNS reflection attacks, attackers spoof the IP address of their real attack target. They send queries that instruct the DNS server to recursively query many DNS servers or to send large responses to the victim. As a result, powerful DNS servers drown the victim’s network with DNS traffic. Even when DNS servers are not the ultimate target of the attack, they can still suffer downtime and outages as the result of a DNS reflection attack.
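As an added illustration (not part of the original article or any vendor product), the sketch below shows how an operator could spot their own DNS server being used as a reflector: it scans a query log for source addresses that, within a short window, draw many responses far larger than the queries sent. The log layout, thresholds and sample records are assumptions constructed for this example.

```python
from collections import defaultdict, deque

# Constructed sample of a DNS server's query log (documentation-range IPs):
# (epoch_seconds, source_ip, query_bytes, response_bytes).
# In a reflection attack the logged source is the spoofed victim address.
SAMPLE_LOG = (
    [(1000 + i * 0.1, "203.0.113.7", 64, 3000) for i in range(50)]   # small query, huge answer
    + [(1000 + i * 2, "198.51.100.10", 60, 120) for i in range(5)]   # ordinary client
    + [(1000 + i * 0.1, "198.51.100.20", 60, 90) for i in range(40)] # busy but not amplified
)


def find_reflection_targets(records, window=10, min_queries=20, min_ratio=10.0):
    """Return {source_ip: (queries_in_window, amplification)} for sources whose
    traffic looks like reflection: many queries inside `window` seconds AND
    response bytes at least `min_ratio` times the query bytes."""
    windows = defaultdict(deque)           # source -> records inside the window
    totals = defaultdict(lambda: [0, 0])   # source -> [query_bytes, response_bytes]
    flagged = {}
    for ts, src, qbytes, rbytes in sorted(records):
        win, tot = windows[src], totals[src]
        win.append((ts, qbytes, rbytes))
        tot[0] += qbytes
        tot[1] += rbytes
        # Drop records that have aged out of the sliding window.
        while win and win[0][0] <= ts - window:
            _, old_q, old_r = win.popleft()
            tot[0] -= old_q
            tot[1] -= old_r
        ratio = tot[1] / tot[0] if tot[0] else 0.0
        if len(win) >= min_queries and ratio >= min_ratio:
            # Keep the busiest window seen for this source.
            if len(win) > flagged.get(src, (0, 0.0))[0]:
                flagged[src] = (len(win), round(ratio, 1))
    return flagged


if __name__ == "__main__":
    for src, (count, ratio) in find_reflection_targets(SAMPLE_LOG).items():
        print(f"{src}: {count} queries in window, {ratio}x amplification")
```

Sources flagged this way are candidates for response rate limiting on the server, since the traffic they appear to request is actually aimed at them.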

SSL-induced blind spots

To prevent the continuous stream of malware and intrusions in their networks, enterprises need to inspect incoming and outgoing traffic for threats. Unfortunately, attackers are increasingly turning to encryption to evade detection.

With more and more applications supporting SSL – more than 40% of applications can use SSL or change ports – SSL encryption represents an enormous crater that malicious actors can exploit.

While many firewalls, intrusion prevention and threat prevention products can decrypt SSL traffic, they can’t keep pace with growing SSL encryption demands. The transition from 1024- to 2048-bit SSL keys has burdened security devices because 2048-bit certificates require approximately 6.3 times more processing power to decrypt. With SSL certificate key lengths continuing to increase, many security devices are collapsing under increased decryption demands.

For end-to-end security, organisations need to inspect outbound SSL traffic originating from internal users, and inbound SSL traffic originating from external users to corporate-owned application servers to eliminate the blind spot in corporate defences.

NSS Labs found that eight leading next-generation firewall vendors experienced significant performance degradation when decrypting 2048-bit encrypted traffic. NSS Labs asserted that it had ‘concerns for the viability of SSL inspection in enterprise networks without the use of dedicated SSL decryption devices’.

Clearly organisations need a high-powered solution to intercept and decrypt SSL traffic, offloading intensive SSL processing from security devices and servers.

Brute force and weak authentication

Applications often use authentication to verify users’ identity, allowing application owners to restrict access to authorised users and customise content based on user identity. Unfortunately, many enforce only single-factor, password-based authentication. This exposes them to a host of threats, from simple password guessing and stolen credentials to automated brute force attacks from password-cracking tools.

Many users select the same password for multiple accounts, so when one is compromised, all others are at risk. Within hours of a breach, hackers will crack stolen password lists, even password hashes, and use them to break into other online accounts.

Two-factor authentication can drastically reduce the risk of password cracking. Combining passwords with out-of-band authentication such as SMS messages to mobile devices or with hardware or software tokens greatly decreases the risk of brute force or password cracking. In addition, user context, such as a user’s browser and operating system or a user’s geographic location, can help to identify fraudulent activity. Application owners can build advanced rules to identify high-risk users or password-cracking tools, to safeguard user accounts.

Simply rolling out and managing authentication across many different web applications can be daunting, while setting up client authentication schemes for dozens of applications entails costly and time-consuming development work. So organisations need an integrated solution that can centrally manage authentication services and block users with repeated failed login attempts.
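The two controls described above, blocking accounts after repeated failed logins and using user context to decide when a second factor is required, can be combined in one central decision function. The following is an added sketch, not code from the article or from any ADC product; the class name, thresholds and context tuple (browser, OS, country) are assumptions.

```python
from collections import defaultdict, deque


class LoginGuard:
    """Central login policy: lock out after repeated failures, and require a
    second factor when a correct password arrives from an unseen context."""

    def __init__(self, max_failures=5, window=300, lockout=900):
        self.max_failures = max_failures   # failures tolerated inside `window`
        self.window = window               # seconds over which failures count
        self.lockout = lockout             # seconds an account stays blocked
        self._failures = defaultdict(deque)   # user -> failure timestamps
        self._locked_until = {}               # user -> epoch seconds
        self._known = defaultdict(set)        # user -> verified contexts

    def decide(self, user, password_ok, context, now):
        """Return 'block', 'deny', 'step_up' or 'allow' for one attempt."""
        if self._locked_until.get(user, 0) > now:
            return "block"                 # locked, even if the password is right
        fails = self._failures[user]
        while fails and fails[0] <= now - self.window:
            fails.popleft()                # forget failures outside the window
        if not password_ok:
            fails.append(now)
            if len(fails) >= self.max_failures:
                # Trade-off: per-account lockout stops guessing but lets anyone
                # lock a known username; pair it with per-source limits.
                self._locked_until[user] = now + self.lockout
                fails.clear()
                return "block"
            return "deny"
        if context not in self._known[user]:
            return "step_up"               # right password, unfamiliar context
        fails.clear()
        return "allow"

    def confirm_second_factor(self, user, context):
        """Call after the out-of-band code or token check succeeds."""
        self._known[user].add(context)


if __name__ == "__main__":
    guard = LoginGuard(max_failures=3, window=60, lockout=600)
    home = ("Firefox", "Linux", "AU")      # constructed sample context
    print(guard.decide("alice", True, home, now=0))    # step_up
    guard.confirm_second_factor("alice", home)
    print(guard.decide("alice", True, home, now=10))   # allow
```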

ADCs offer multiple protection

To shield data center infrastructure from attack, organisations need a solution that can mitigate a multitude of threat vectors and still deliver unmatched performance.

Application delivery controllers (ADCs) can help organisations to safeguard their data center infrastructure. Deployed in the heart of the data center, ADCs can block attacks, intercept and inspect encrypted traffic and prevent unauthorised access to applications.

Next-generation ADCs offer the following defences to shield data center infrastructure from emerging threats: DDoS protection, Web application firewall (WAF), DNS application firewall (DAF), SSL insight and SSL Offload, and application access management for authentication.

Organisations should evaluate the security features of ADCs carefully to make sure they can mitigate data center risks effectively. They should seek a product line that helps to protect servers and applications from data center risks, while still providing unmatched application performance. An ADC that includes a comprehensive set of security features at no additional cost can be a bonus.

By Greg Barnes, Managing Director, ANZ, A10 Networks
