Datacentre operators warned off prioritising on-site security over cyber threat protection

Too many datacentre operators prioritise physical security over protection from cyber attacks, it is claimed

Datacentre operators are putting the integrity of their facilities at risk by prioritising the physical security of their sites over safeguarding them from cyber attacks.

That was the view of several speakers at a datacentre security event held by trade association TechUK, who warned facilities are increasingly seen as a lucrative target for hackers.
The event was conducted under Chatham House Rules, which allows Computer Weekly to report on what was discussed as long as the speakers aren’t identified.

“We are increasingly seeing attackers going after datacentres rather than PCs. Your home network, however fast your BT Infinity line is, is nowhere near as fast as a line in and out of a datacentre,” said one of the speakers.

“So, if you can compromise that, you can really ramp up a distributed denial-of-service attack,” the speaker added.

Typically, these type of attacks are carried out by hackers who compromise computers with the help of malware, so they can be grouped together to form a botnet. However, there have been instances where datacentre servers have been enlisted too.

Physical versus cyber security

Datacentre security discussions often centre on the physical barriers operators have built into their facilities to prevent thieves, trespassers and vandals from gaining access and causing disruption.

As such, many employ biometric-based site access systems and build reinforced perimeter fences using bombproof materials.

It’s also not unheard of for some sites to restrict staff access to certain parts of their facilities if their job role states they have no business being there.

During the event’s discussion it was suggested there might be a tendency for datacentre operators to overlook cyber security, as they seek to build highly secure and resilient facilities.

This is despite the fact it’s less risky for an attacker to carry out a remote attack compared with an on-site one.

“If I was going to try and break into one of your datacenters, I’ve got to drill through a wall or get a shotgun and physically attack someone – and the risk to me as a person is quite bad.

“If I’m attacking you in a cyber-sense, I can be somewhere else in the world outside of your jurisdiction, and I’ve probably compromised four systems in between. So, getting back to me is nigh on impossible. The risk is low, but the reward is high,” the speaker said.

Speaking to Computer Weekly after the event, Bob Tarzey, an analyst at market watcher Quocirca, said the levels of physical security offered by datacentre providers is often a key selling point for their services, particularly those in the co-location space.

But, if customers are concerned their provider is too pre-occupied with the physical security of their sites, they should consider making a wholesale move to the cloud. Changing to an infrastructure-as-a-service platform, said Tarzey, will provide a security service level agreement all the way up to the hypervisor.