Over the last several years, the world has ushered in a new era of sustained cyber attacks. These new threats are not aimed at the normal targets like e-commerce sites, banks, or hospitals and don’t use previously common attack methods like denial of service or ransomware. Instead, physical infrastructure—including power grids, water treatment plants, production lines, and even at-home devices like security cameras and internet of things (IoT) equipment—are now frequently being probed and attacked.
While the concept isn’t new, many of us are familiar with Stuxnet being used to deliver attacks against supervisory control and data acquisition (SCADA), it always seemed like an attack against someone else’s infrastructure or a game played outside of traditional enterprises. This leap from information technology (IT) assets to operational technology (OT) assets is significant in the world of protecting critical infrastructure. These threats are coming into full view, and new methods of delivering attacks are being discovered (that in some cases can jump over the previously fail-safe method of an “air gap” or disconnected network protecting operational technology).
Traditional Data Center Security
Data centers are nothing if not secure from both physical and cyber threats. Today, however, the most pressing threats facing data centers no longer conveniently fit into the two distinct boxes of physical and cyber risks. In fact, the threat environment has become so blended and dynamic that the traditional security model of most data centers is outdated and ineffective.
Most data center providers operate with two independent teams, each responsible for a specific risk category-physical or cyber. These teams typically have siloed leadership chains, which rarely overlap in risk management processes, and separate common operating pictures of the threat landscape. The traditional approach to bolster a data center’s security posture remains rudimentary: add more security guards onsite and purchase more cyber security tooling.
Evolving Threat Landscape
Data center security strategy, technology, and tactics have matured slowly compared to the evolving threats facing today’s critical infrastructure. Every aspect of the working world is now digitized, which introduces many new attack vectors for bad actors to exploit. The sophisticated threats highlighted below become extremely difficult to prevent using a traditional security model:
- Operational Technology: Industrial equipment (think data center HVAC units, sub-stations, generators, etc.) is being attacked through centralized monitoring software systems.
- Information Technology: Unauthorized physical access to a data center space is being achieved by exploiting a vulnerable identity and access management system.
- Internet of Things: Unsecured cell phones, smart home and office tools, virtual assistants, and other connected devices are being accessed by bad actors to collect private information that can be used in a physical attack.
- Unmanned Aircraft Systems: Drones are being weaponized to fly explosives into targets or control infrastructure technology from afar.
In anticipation of these threats, QTS Data Centers has implemented a converged security model as a holistic approach to managing physical and cyber risks. Converged security seeks to break down the traditional silos of physical and cyber security into a single, unified program to identify and manage risk. Under this single banner and leadership model, QTS is able to view more comprehensively the risk landscape and plan for more integrated and coordinated responses to threats. Blended threats require a blended response.