The number of data breaches and hacks is constantly increasing. The question is, how long will it be until someone hacks the most vulnerable piece of the IT pipeline? Today I’d like to talk about security, or more specifically, facilities security, or more specifically still, facilities network security. OK, let me step back a minute while I define my terms.
A data center often has more than one network in it. There is the normal data pipeline that runs between servers. There’s the SAN, which connects the servers to the storage. Then there is a network that connects the CRAC units, the UPS units, the switchgear and the other facilities systems. This is the facilities network.
These facilities networks are some of the least protected networks in all of networking. All of these units communicate with each other using SNMP, Modbus, BACnet or some other protocol. The problem with all of these protocols is that they transfer their data unencrypted. Also, a lot of the equipment on these networks operates with factory default passwords years after it is initially installed. I can name several default four-digit passwords off the top of my head.
In fact, the passwords are readily available in the service manuals which you can search for online for free. Shutting down these units could cause your servers to overheat and literally shut down your data center.
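An added example (not from the original article) of what "unencrypted" means in practice for Modbus/TCP: a passive monitor on the facilities network can decode every field of a request without any key, and the frame has no credential field at all, so a defender can at least flag writes from unexpected hosts. The sample frames, IP addresses and the allowlist of permitted writers are constructed assumptions.

```python
import struct

# Function codes from the public Modbus specification.
READS = {0x01: "Read Coils", 0x02: "Read Discrete Inputs",
         0x03: "Read Holding Registers", 0x04: "Read Input Registers"}
WRITES = {0x05: "Write Single Coil", 0x06: "Write Single Register",
          0x0F: "Write Multiple Coils", 0x10: "Write Multiple Registers"}

def parse_modbus_tcp(frame: bytes) -> dict:
    """Decode one Modbus/TCP request: 7-byte MBAP header followed by the PDU."""
    if len(frame) < 8:
        raise ValueError("too short for MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError("protocol identifier must be 0 for Modbus")
    if length != len(frame) - 6:
        raise ValueError("MBAP length field does not match frame size")
    func = frame[7]
    msg = {"transaction": tid, "unit": unit, "function": func,
           "name": READS.get(func) or WRITES.get(func) or "Other",
           "is_write": func in WRITES}
    # All eight codes above start with a 2-byte address and a 2-byte value or count.
    if func in READS or func in WRITES:
        if len(frame) < 12:
            raise ValueError("truncated request")
        msg["address"], msg["value_or_count"] = struct.unpack(">HH", frame[8:12])
    return msg

def flag_writes(capture, allowed_writers):
    """Return decoded write requests sent by hosts not on the allowlist."""
    alerts = []
    for src, frame in capture:
        msg = parse_modbus_tcp(frame)
        if msg["is_write"] and src not in allowed_writers:
            alerts.append({"src": src, **msg})
    return alerts

# Constructed sample capture (addresses and values are made up for illustration).
CAPTURE = [
    ("10.0.5.10", bytes.fromhex("000100000006010300000002")),  # read 2 registers
    ("10.0.5.10", bytes.fromhex("000200000006010600100048")),  # write, known host
    ("10.0.5.99", bytes.fromhex("000300000006010600100000")),  # write, unknown host
]

if __name__ == "__main__":
    for alert in flag_writes(CAPTURE, allowed_writers={"10.0.5.10"}):
        print(alert)
```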
These units don’t even need to be connected to the internet to be compromised. Stuxnet, for instance, is a worm that can infiltrate a facilities network and search for certain PLCs within that network. Once these PLCs are infected, they can make their equipment spin at such high speeds that the bearings wear out and the equipment is destroyed. It was probably introduced into the Iranian nuclear enrichment centers, and it probably made its way onto the network via a USB drive.