6 CRITICAL ATTACK VECTORS TO WATCH OUT FOR IN YOUR DATA CENTRE

Security Advisor Middle East|May 2020

For many businesses, the data centre is seen as a strategic asset in their efforts to support business acceleration requirements. Matt Walmsley, EMEA Director, Vectra, gives us the lowdown on the most critical attack vectors that threat actors are using against data centres.
MATT WALMSLEY

Data centres, and the wealth of information they contain, represent a tantalising prize for attackers. But unless the attacker gets lucky and finds an Internet-facing vulnerability, directly compromising a data centre takes a significant amount of effort and planning.

As a result, cyber-attacks that target data centres tend to be patient, mature operations that emphasise persistence and require flying below the radar of security teams. From our experience, here are the six most critical attack vectors and techniques that sophisticated cyber attackers use against data centres.

Co-opting administrative access

Administrators have unparalleled access to the data centre and as a result are natural targets for attackers. Administrative protocols can give attackers backdoor access into the data centre without the need to directly exploit an application vulnerability. And by using standard admin tools such as SSH, Telnet or RDP, attackers can easily blend in with normal admin traffic.
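
Because such sessions look like ordinary admin traffic, one defensive approach is to baseline which hosts normally originate SSH, Telnet or RDP and flag departures from that baseline. The sketch below is an added example, not code from the article or from Vectra; the flow records, port mapping, baseline window and fan-out threshold are all constructed assumptions.

```python
from collections import defaultdict

# Default ports for the admin protocols the article names (assumption:
# services run on their default ports; real deployments may differ).
ADMIN_PORTS = {22: "SSH", 23: "Telnet", 3389: "RDP"}

# Constructed flow records, not real data: (day, source, destination, dest_port)
FLOWS = [
    (1, "10.0.5.10", "10.1.0.21", 22),
    (1, "10.0.5.10", "10.1.0.22", 22),
    (2, "10.0.5.11", "10.1.0.30", 3389),
    (2, "10.0.7.44", "10.1.0.80", 443),   # not an admin protocol, ignored
    (8, "10.0.5.10", "10.1.0.21", 22),    # path already seen in the baseline
    (8, "10.0.7.44", "10.1.0.21", 22),    # host never seen doing admin work
    (8, "10.0.7.44", "10.1.0.22", 22),
    (8, "10.0.7.44", "10.1.0.30", 3389),
    (9, "10.0.5.11", "10.1.0.31", 23),    # known admin host, new target, Telnet
]

def admin_flows(flows):
    """Keep only admin-protocol flows, with the port mapped to a protocol name."""
    return [(day, src, dst, ADMIN_PORTS[port])
            for day, src, dst, port in flows if port in ADMIN_PORTS]

def find_anomalies(flows, baseline_days=7, fanout_limit=2):
    """Learn admin paths during the baseline window, then flag deviations."""
    known_pairs, known_sources = set(), set()
    new_targets = defaultdict(set)
    findings = []
    for day, src, dst, proto in sorted(admin_flows(flows)):
        if day <= baseline_days:              # learning phase
            known_pairs.add((src, dst, proto))
            known_sources.add(src)
            continue
        if proto == "Telnet":                 # Telnet sends credentials in cleartext
            findings.append(("cleartext-admin", src, dst, proto))
        if src not in known_sources:          # admin protocol from a non-admin host
            findings.append(("new-admin-source", src, dst, proto))
            new_targets[src].add(dst)
        elif (src, dst, proto) not in known_pairs:
            findings.append(("new-admin-path", src, dst, proto))
    for src, targets in new_targets.items():  # one new source reaching many hosts
        if len(targets) > fanout_limit:
            findings.append(("admin-fanout", src, sorted(targets), None))
    return findings

if __name__ == "__main__":
    for finding in find_anomalies(FLOWS):
        print(finding)
```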

Closing the local authentication loophole

In addition to the standard paths utilised by administrators, many data centres rely on local authentication options that can be used in an emergency to access the hosts and workloads administrators need to manage. However, these local authentication options are not logged, and the same login credentials are often shared across hosts and workloads for the sake of simplicity. When attackers find the credentials by compromising an administrator, they can silently access the data centre without fear of their activity being logged.

The administrative hardware backdoor

Local authentication offers an example of a backdoor that administrators — and attackers — can use to gain access to a data centre. However, there are other examples that take the same approach and extend it deeper into the hardware.
