Try GOLD - Free
6 CRITICAL ATTACK VECTORS TO WATCH OUT FOR IN YOUR DATA CENTRE
Security Advisor Middle East
|May 2020
FOR MANY BUSINESSES, THE DATA CENTRE IS SEEN AS A STRATEGIC ASSET IN THEIR EFFORTS TO SUPPORT BUSINESS ACCELERATION REQUIREMENTS. MATT WALMSLEY, EMEA DIRECTOR, VECTRA, GIVES US A LOWDOWN OF THE MOST CRITICAL ATTACK VECTORS THAT THREAT ACTORS ARE USING AGAINST DATA CENTRES.

Data centres, and the wealth of information they contain, represent a tantalising prize for attackers. But unless the attacker gets lucky and finds an Internet-facing vulnerability, directly compromising a data centre takes a significant amount of effort and planning.
As a result, cyber-attacks that target data centres tend to be patient, mature operations that emphasise persistence and require flying below the radar of security teams. From our experience, here are the six most critical attack vectors and techniques that sophisticated cyber attackers use against data centres.
Co-opting administrative access
Administrators have unparalleled access to the data centre and as a result are natural targets for attackers. Administrative protocols can give attackers backdoor access into the data centre without the need to directly exploit an application vulnerability. And by using standard admin tools such as SSH, Telnet or RDP, attackers can easily blend in with normal admin traffic.
Closing the local authentication loophole
In addition to the standard paths utilised by administrators, many data centres rely on local authentication options, that can be used in an emergency, to access the hosts and workloads they need to manage. However, these local authentication options are not logged, and the same login credentials are often shared across hosts and workloads for the sake of simplicity. When attackers find the credentials by compromising an administrator, they can silently access the data centre without fear of their activity being logged.
The administrative hardware backdoor
This story is from the May 2020 edition of Security Advisor Middle East.
Subscribe to Magzter GOLD to access thousands of curated premium stories, and 10,000+ magazines and newspapers.
Already a subscriber? Sign In
MORE STORIES FROM Security Advisor Middle East

Security Advisor Middle East
CITRIX REDEFINES SECURE ACCESS FOR THE HYBRID ERA
FRANCOIS VAN DEVENTER, CTO AT MICLOUDSW, SHARES HOW CITRIX IS TRANSFORMING FROM A REMOTE-ACCESS PIONEER INTO A MODERN ACCESS SECURITY LEADER-EMPOWERING ENTERPRISES TO THRIVE IN AN AI-DRIVEN, ZERO-TRUST WORLD.
7 mins
October 2025
Security Advisor Middle East
KASPERSKY STRENGTHENS CLOUD PROTECTION WITH NEW CLOUD WORKLOAD SECURITY UPDATE
Kaspersky, together with Smart Africa and Africaines in Tech, has launched an innovative, science-backed career orientation test “Future You in Tech” created to promote professional development for young women in the cybersecurity industry and help remove potential entry barriers. The test is designed to help them discover which career paths best align with their interests, skills, and personality.
2 mins
October 2025

Security Advisor Middle East
SANS STRENGTHENS GULF CYBERSECURITY SKILLS THROUGH IMMERSIVE TRAINING, AI-DRIVEN LEARNING
NED BALTAGI OF SANS INSTITUTE OUTLINES HOW ADVANCED TRAINING, NATIONAL WORKFORCE ALIGNMENT, AND AI-FOCUSED FRAMEWORKS ARE SHAPING A MORE RESILIENT CYBERSECURITY LANDSCAPE ACROSS SAUDI ARABIA AND THE WIDER REGION.
4 mins
October 2025

Security Advisor Middle East
FORTINET SECURES DUBAI ENGLISH SPEAKING SCHOOL'S NEW ACADEMIC CITY CAMPUS WITH INTEGRATED NETWORKING AND SECURITY SOLUTIONS
DEPLOYMENT SUPPORTS GROWTH, DELIVERS CENTRALIZED NETWORK MANAGEMENT, AND STRENGTHENS CYBERSECURITY FOR HYBRID LEARNING IN THE EDUCATION SECTOR
2 mins
October 2025

Security Advisor Middle East
FROM CONTINUITY TO CONTINUOUS BUSINESS
COMMVAULT'S FADY RICHMANY OUTLINES HOW MULTI-CLOUD ADOPTION, AI DISRUPTION, AND RELENTLESS THREATS DEMAND A NEW RESILIENCE PLAYBOOK FOR THE UAE'S DIGITAL-FIRST FUTURE.
10 mins
October 2025

Security Advisor Middle East
SENTINELONE NAMED A LEADER IN THE 2025 IDC MARKETSCAPE FOR WORLDWIDE XDR SOFTWARE
SentinelOne, the leader in AI-native cybersecurity, announced that it has been recognised as a Leader in the IDC MarketScape: Worldwide Extended Detection and Response (XDR) Software 2025 Vendor Assessment. It is the latest third-party recognition of the company's Al-powered Singularity platform and its state-of-the-art approach to leveraging both native and third-party security data to stop attacks.
1 mins
October 2025

Security Advisor Middle East
RANSOMWARE PAYMENTS ARE DROPPING, BUT EMEA ORGANISATIONS ARE STILL UNPREPARED FOR ATTACKS
DESPITE THE NUMBER OF ORGANISATIONS PAYING RANSOMS DROPPING BY 22% YEAR-ON-YEAR, 63% WOULD STILL BE UNABLE TO RECOVER FROM A SITE-WIDE CRISIS DUE TO A LACK OF ALTERNATIVE INFRASTRUCTURE PLANS.
2 mins
October 2025

Security Advisor Middle East
FORTINET REPORT REVEALS CONTINUED RISE IN DATA LOSS DESPITE SMARTER DATA SECURITY PRACTICES AND RECORD CYBERSECURITY SPENDING
BUDGETS FOR DATA SECURITY ROSE AT 72% OF ORGANISATIONS LAST YEAR, YET 41% OF ORGANISATIONS STILL LOST MILLIONS TO INSIDER-DRIVEN DATA INCIDENTS
3 mins
October 2025

Security Advisor Middle East
VAD TECHNOLOGIES, CYBERX JOIN FORCES TO STRENGTHEN PEOPLE-CENTRIC CYBERSECURITY ACROSS GCC
THE NEW PARTNERSHIP AIMS TO EMPOWER ENTERPRISES TO BUILD CYBER-RESILIENT WORKFORCES AND DRIVE A CULTURE OF AWARENESS ACROSS THE REGION.
2 mins
October 2025

Security Advisor Middle East
FROM AWARENESS TO ACTION: THE UAE'S CYBERSECURITY FRONTLINES TAKE CENTRE STAGE AT GITEX 2025
OCTOBER BRINGS A POWERFUL CONVERGENCE FOR THE UAE'S DIGITAL LANDSCAPE—WHERE GITEX GLOBAL 2025 AND CYBERSECURITY AWARENESS MONTH UNITE TO SPOTLIGHT THE NATION'S LEADERSHIP IN RESILIENCE, INNOVATION, AND SECURE DIGITAL TRANSFORMATION.
8 mins
October 2025
Translate
Change font size