Attackers placing greater stress on exploiting data centres
published : 21 Apr 2023 at 09:20
newspaper section: Business
writer: Suchit Leesa-nguansuk
Attackers have shifted their focus from exploiting individual devices to enterprise data centres, warns cybersecurity firm Palo Alto Networks.
"As the data centre industry swells, attackers have turned their attention from exploiting individual devices to wholesale enterprise data centres," Sean Duca, vice-president and regional chief security officer for Japan and Asia-Pacific at Palo Alto Networks, told the Bangkok Post.
Data centres store personal, confidential and financial information about their customers, stakeholders and employers. Criminals are able to exploit such information, costing businesses millions of dollars to investigate and remediate.
"Data centres are valuable targets for cybercriminals and state-backed hackers. In many cases, the attacks aim to steal or even destroy data," said Mr Duca.
The long-term ramifications of a data breach can ripple through an organisation, impacting everyone from the user base to employees and the cybersecurity teams responsible for remediation.
The damage is not only monetary -- it can have a significant impact on the brand image and reputation of the data centre operator, he said.
One reason for the shift in attacks is a bigger monetary gain, as data centres are gold mines in terms of revenue-generating capabilities.
"Why waste time and resources attacking a single endpoint when you can siphon millions of accounts and personal data at a go from a data centre?" said Mr Duca.
The lure to resell industrial and business secrets also makes data centre information volumes additionally appealing.
Cloud platforms and data centres are built with reliability, security and redundancy by design. However, cybersecurity incidents are still unavoidable. Security standards vary based on the type of data centre the business is built upon.
While the shift to use virtual cloud storage systems has increased the frequency of cyberthreats and data breaches, threats impacting physical data centres can be equally damaging. Therefore, businesses must also prioritise securing their physical network infrastructure, said Mr Duca.
Meanwhile, basic security hygiene enhancements such as automated vulnerability/patch management, strong password enforcement and two-factor authentication, can go a long way in raising the security posture and making it challenging for attackers.
However, the biggest problem is a lack of segmentation. Segmentation is key in isolating assets, servers, network segments and applications for security purposes.
The data centres, by becoming increasingly open to including business partners, distributors, customers, contractors and vendors, are increasingly exposing themselves to potentially vulnerable third parties and introducing their own security risks.
Mr Duca said security must be enforced at multiple places to follow workloads everywhere -- on the perimeter, network fabric and host. Implementing best practices will help better protect dynamic data and application workloads.
Protecting core applications and sensitive data requires cloud-centric, cloud-delivered security agility to converge with zero trust enterprise architecture principles.
The zero trust principle is a security model that eliminates implicit trust in any one element, node or service, instead requiring continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses.
By leveraging automation to reduce engineering and delivering consistent security, data centre operators can implement zero trust to secure their applications, users and devices, Mr Duca said.