Datacenter migration, as smart devices add attack vectors exponentially, the Internet of things (IoT), industrial Internet of things (IIoT), and cloud-based applications rapidly increase data center risk.In this era of global connectivity, organizations need to constantly test their security against complex threats, including Web applications and file-free attacks, memory corruption, return/jump oriented programming (ROP/JOP), and compromised hardware and software supply chain attacks.
While data centers have traditionally relied on detecting and adopting perimeter security solutions to mitigate risks, the proliferation of new cyber threats has increased the need for prevention.According to poirot institute, estimates of data center outage costs an average of more than $740000 (nearly 40% since 2010), who is responsible for the data center network security staff must seek to adopt the next generation of prevention strategies to reduce and close the attack surface, and improve the efficiency of existing infrastructure, processes and personnel.
To protect the surrounding
For decades, peripheral security has been the primary means of protecting data centers.However, this strategy is similar to a medieval castle, where the object of protection is limited to a small area and protected by a solid wall with a heavily guarded entrance point.The data center has built a security layer around it, and these security layers collaborate in depth, the idea being that if one security layer doesn't defend against some attack, it can be protected by the next security layer.
Like castles, data centers emphasize the detection of traffic coming in and out of organizations.Traditional traffic detection methods include mapping out network access points to create continuous testing and reinforcement of peripheral facilities.This is very effective for detecting attacks and generating alerts, and hopefully enough security to prevent security layer damage that can lead to downtime, economic damage, reputational damage, and even environmental damage.
Strengthening data center security
Data center security is no longer about internal protection.Castle solutions work well in the age of mainframes and hardline terminals, but they are less effective against today's threats.In fact, the advent of wireless communications (OTA), iot devices, and cloud computing has made data centers less secure.
The main security challenge facing data centers today is that they must work to maintain the privacy of their data as they deploy applications internally in data centers, public, private, and mixed clouds.While many of their customers extend their business further into the cloud, this may also inadvertently increase the risk of clone configuration extension attacks.An attacker can locate everything in the operating technology components of routers, switches, storage controllers, servers, and sensors and switches.Once hackers gain control of the device, they can extend it more, potentially attacking all the same devices across the network.
Today's attacks come from new or unexpected places, as cyberattackers now have more tools to circumvent perimeter security detection and attack targets from inside the data center.Security is not just about infrastructure, said colonel Paul Craft, director of operations at the joint forces headquarters for the defense information network (jfhq-dodin) at the AFCEA defense network operations symposium in May."" this is our IT platform that will record all of our data, IT's also our ICS and SCADA systems, and IT covers all of our cross-domain networks." "He said.
Many attacks can now be quickly extended from one device to all devices, according to the pollmont institute, as can be seen from hackers' access to 200,000 network devices built with the same code.File - free attacks such as memory corruption (buffers, stacks and heaps) and ROP/JOP (return/jump oriented programming) to perform reordering are also a growing threat, infecting devices 10 times more likely than traditional attacks.
According to symantec's 2018 Internet security threat report, attacks on supply chains have increased 200 percent over the past year.Many organizations and vendors now control only a small portion of their source code because the modern software stack consists of binaries from third parties in the global supply chain that come from proprietary and open source code that contains hidden vulnerabilities.In addition, zero-day attacks are growing rapidly, and many hackers are exploiting unknown vulnerabilities in software, hardware, or firmware to attack systems.
New era of data center network security
Data centers must shift from focusing only on the safety of testing to emphasizing the safety of prevention.As many new attacks completely eschew traditional network and endpoint protection, the latest generation of tools is designed to fend off the growing class of attack media.This not only increases the security against the latest threats, but also increases the effectiveness of tools and processes in handling the rest of the content.
Today, the hardware in the supply chain must be assumed to be compromised.This means that businesses need to build and run protected software on potentially untrusted hardware.Data centers need this new defense strategy, which takes a deep approach to identifying potential vulnerabilities and directly strengthening binaries so that attacks can't be implemented or replicated.
One of the best ways to do this is to somehow convert the software binaries in the device so that the malware cannot change the command and is propagated through the system.This approach, known as "network hardening," prevents a single exploit from spreading across multiple systems.It Narrows the attack horizon and shrinks vulnerabilities in industrial control systems and embedded systems and devices, greatly reducing the chances of physical damage and human damage.
The best security always assumes that hackers will eventually break in.Rather than reacting to an attacked vulnerability after it is exploited, network hardening prevents malware from targeting data centers, and less defensible organizations do not cancel such infrastructure.
