An Alarming Precedent
NETWORKING
owned and operated by the fibre carrier ,” he explains . Then , because this is something he clearly thinks about a lot , he adds : “ Another more complicated way would be to run a port scan through the data centre ' s corporate network to see if there was any bridge between that and the industrial controls networks . If you can locate operational technology devices that control the cooling and power systems , you can shut them down remotely and cripple the data centre as the industrial networking protocols and devices contain no embedded security encryption or measures to protect them .”
Attacks targeting a data centre ’ s power and cooling systems have been on security professionals ’ horizons for over a decade already . In 2014 , academics at Ohio State University ran a number of hardware tests and simulations , coming to the conclusion that , with the right malware , you can easily
An Alarming Precedent
Recent high-profile outages highlight the potential impact of throwing any kind of wrench - accidentally or otherwise - into the delicate Swiss watch of the modern internet .
An outage caused by a glitch at service provider Fastly - which runs an edge cloud between companies ' data centres and the end users of sites like Amazon , Twitch , and Reddit - “ knocked out half the internet ” for about an hour in June . The fire at one of OVHcloud ’ s data centres in Strasbourg left millions of websites offline in March . These outages - albeit briefly - left the internet reeling . And they were both accidents . Imagine what could happen if there was a concerted effort to bring down the internet .
“ One of the easiest ways to knock out a hyperscale data centre would be to target the incoming fibre positions ”
ANONYMOUS
“ generate power spikes on multiple servers at the same time , which may cause branch circuit breakers to trip and lead to undesired power outages .”
And getting that malware inside a data centre , the data centre security exec explains , is actually a lot easier than it sounds . “ Many systems within data centres , which support the cooling , power , and critical infrastructure , require software patches , updates , and maintenance , and are based on extremely vulnerable legacy protocols ,” he says . “ If these are not
62 August 2021