Data center security is an essential concern at any time, but arguably even more so now as the world grapples with the COVID-19 pandemic. As a data center professional, which cybersecurity threats should you be particularly aware of during these times? Here are four issues well worth your attention:
1. Cryptominers Hacking CPUs
Malicious cryptomining — also called cryptojacking — occurs when a cybercriminal saps an affected device’s central processing unit (CPU) power to mine cryptocurrencies. Mining cryptocurrency requires substantial CPU resources, and as cryptocurrencies such as Bitcoin become more popular, hackers turn their attention to methods of illegally gaining CPU availability.
European supercomputers used to assist with COVID-19 research have gone offline due to cryptomining attacks on academic data centers. The perpetrators logged in from compromised networks at the University of Krakow, Shanghai Jiaotong University and the China Science and Technology Network. Some reports suggest that credential sharing among institutions may have made it easier for hackers to wreak havoc.
Data center employees should remain aware of unusual changes when working with computer equipment, such as performance decreases and command execution delays. Setting unique and robust passwords could also mitigate these kinds of attacks.
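The performance symptom described above can also be checked automatically. The following is an added example, not part of the original article: it flags processes that hold high CPU for a sustained period and are not on a host's list of expected workloads. The host names, process names, threshold and sample data are all constructed assumptions.

```python
from collections import defaultdict


def build_samples():
    """Constructed per-minute CPU samples: (minute, host, process, cpu_percent)."""
    rows = []
    for m in range(10):
        rows.append((m, "node01", "sim_job", 97.0))                       # scheduled job
        rows.append((m, "node01", "sysupd", 92.0 if m >= 2 else 1.0))     # unexplained load
        rows.append((m, "node02", "gzip", 95.0 if m in (3, 4) else 0.5))  # short burst
    return rows


def find_sustained_cpu(samples, expected, threshold=80.0, min_run=5, interval=1):
    """Return (host, process, first_minute, run_length) for each process that is
    not in the host's expected set and stayed at or above `threshold` for at
    least `min_run` consecutive samples."""
    series = defaultdict(list)
    for minute, host, proc, cpu in sorted(samples):
        series[(host, proc)].append((minute, cpu))

    findings = []
    for (host, proc), points in series.items():
        if proc in expected.get(host, set()):
            continue  # CPU-heavy by design, e.g. a job the scheduler placed here
        run = best = 0
        start = best_start = prev = None
        for minute, cpu in points:
            if prev is not None and minute - prev != interval:
                run = 0  # a missing sample breaks the streak
            prev = minute
            if cpu >= threshold:
                if run == 0:
                    start = minute
                run += 1
                if run > best:
                    best, best_start = run, start
            else:
                run = 0
        if best >= min_run:
            findings.append((host, proc, best_start, best))
    return sorted(findings)


if __name__ == "__main__":
    expected = {"node01": {"sim_job"}}  # assumption: known from the job scheduler
    for host, proc, first, length in find_sustained_cpu(build_samples(), expected):
        print(f"{host}: {proc} at or above threshold for {length} samples from minute {first}")
```

Requiring a run of consecutive samples keeps short legitimate bursts, such as the compression job in the sample data, from raising a finding.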
2. Security Lapses Due to Non-Essential Workers Operating From Home
The data center staff members who directly work on a facility’s equipment are typically essential, so they’ll continue coming in to work despite widespread lockdowns to curb the coronavirus’ spread. Some data centers began letting all other employees work from home, however. The people in that group could include marketing, sales and customer service personnel, for example.
Unfortunately, staying productive from home is a major transition for many. As workers adjust to the change, some may forget to follow the usual security procedures, while others may be unsure how to access security-related apps from home. Employee education is a crucial part of maintaining data center security. Providers should consider holding dedicated seminars for remote workers to teach them how to stay safe at home and to boost awareness of emerging threats.
Another practical way to keep security levels high is to distribute information about how to update operating systems and software. Working on a laptop full of old applications, for example, could make it easier for hackers to break in and compromise the machine.
3. InfoStealer Malware Attacks
Malware attacks can be severe enough that they shut down entire online infrastructures. Researchers at Lastline focused on a specific variety called InfoStealer malware. As you might guess from the name, it can record keystrokes, take screenshots and activate a user’s webcam, among other things. Then, cybercriminals can spy on unsuspecting users and obtain sensitive details that allow future infiltrations.
The company deployed sensors in its United States and international data centers to gauge how COVID-19 drove an increase in InfoStealer threats. Lastline’s study, which spanned from March 1 to April 1, showed many days within that period when cybercriminals deployed several types of InfoStealer malware. This trend means that effective cybersecurity practices for data centers require staying abreast of numerous threats within this category.
The threat is not unique to data center employees, but since this kind of malware is becoming more prominent, it has a significant potential to affect that sector, as well as many other industries. Lastline’s research indicated that hackers targeted a wide assortment of popular browsers, file transfer protocol (FTP) services and email clients. The cybercriminals also often embedded the malware within attachments meant to convey urgency, such as those associated with COVID-19.
The identified increase in InfoStealer malware gives data center security experts an excellent opportunity to remind all staff members never to download strange attachments. Data center managers may consider setting up a new protocol to avoid this cybersecurity hazard. When workers receive emails from unfamiliar senders that insist they perform an urgent action, they could notify someone on the data center’s security team for further advice rather than immediately obeying.
4. Outages Occurring Because of Inadequate Data Center Security
Data centers help people shop online, connect with loved ones and remain productive during the coronavirus pandemic. They also support websites that distribute authoritative information from national governments. An attack occurring on February 18 showed what can happen when cybersecurity for data centers falls short.
Cybercriminals targeted a data center associated with the Rwandan government when they orchestrated a firewall hack. The effort took down several public and private-sector websites, including those for the country’s president and military. Hackers also compromised the nation’s government operations in 2016. That instance involved targeting the video conferencing software used by local government branches and included a data dump of sensitive details.
Besides the potential for data center cyberattacks to disrupt services, they could also cause clients to lose confidence in their providers. Customers want assurance that data center brands have taken all the necessary precautions to reduce outages — cybercrime-related or otherwise.
You should strongly consider examining the current infrastructure for data center security weaknesses and addressing them when possible. Criminals who primarily operate online look for ways to cause the most chaos with their efforts. The added stresses of COVID-19 might make it easier for them to pull off successful attacks, especially if data center facilities struggle to adapt to the new normal the coronavirus has created.
No Time for Complacency
The four threats here illustrate why staying on top of security in a data center is crucial, especially now. People are incredibly dependent on the websites that data centers support, and any cybersecurity issues could disrupt or restrict their access.