In this first part of a three-part series written for the enterprise CSO, we’ll explore what cyber threats are and why they’re growing. In parts 2 and 3 we’ll explore the role the data center plays in cyber security and why Data Center 1.0 is unequipped to deal with those threats; and how Data Center 2.0 is the only way to ensure data security into the future.
Cyber Threats are Increasingly Sophisticated and Increasingly Destructive
The cyber threats that private enterprises and public organizations face fall into three categories:
1) Exploitation – the theft of intellectual property and personal identifiable information
2) Disruption – denial-of-service attacks that interrupt the enterprise’s ability to provide the service
3) Destruction – the destruction of data and systems, logical and/or physical
The victims of these attacks come from all sectors of the global economy – governmental and intergovernmental organizations and enterprises. We’ve witnessed the intentional disruption of state and business activities, such as the cyber attacks launched against Georgia and Estonia. In the Middle East we’ve seen disruptive attacks like the ones launched last year against Saudi Aramco. And high-speed encrypted denial-of-service (DDoS) attacks are leveled against financial institutions every day.
These kind of cyber attacks are increasing in frequency – Gartner calls high-bandwidth denial of service attacks “the new norm” and says they will “continue wreaking havoc on unprepared enterprises in 2013.”
Cyber threats are also increasingly sophisticated…and therefore more dangerous. Advanced Persistent Threats (APTs) – those that involve an above-average skill set or resources; an ability to maintain access and/or an infrastructure footprint; and are focused on theft, disruption, and/or destruction of enterprise operations – are on the rise. Attackers are attempting to take down environments by stealing IP information, creating denial of service events or even disabling critical infrastructure components. Threats also come from actors not typically considered APTs. While usually not as sophisticated as APTs, hackers who are politically motivated, interested in notoriety, or otherwise driven can exploit vulnerabilities and leverage “launch platforms,” such as botnets, to have a significant adverse impact on organizational enterprises.
What’s Behind the Increases in Cyber Threats?
There are two overarching trends driving increases in cyber threats. One is our growing reliance on the Internet as a connector. By any measure, our interconnectedness is soaring and will continue to do so. The consumerization of IT and rise of mobile devices like smartphones and tablets is driving exponential increases in data. In this global data environment, convergence of infrastructure is occurring in cycles measured by months (in particular, the rise of the Cloud is driving huge increases in storage on demand).
All of this networking, computing, and storage is being run out of data centers. The data center is truly the factory of today’s and tomorrow’s economy.
But at the same time that we are increasingly connected, massive global resource inequalities persist. As a result, state and non-state actors that feel threatened economically may seek to address those issues – to, in their eyes, level the playing field – through means like cyber-economic espionage.
Because of gaps in situational awareness, efficiency, and security within the traditional data center, the enterprise is exposed and vulnerable to cyber attacks. Because of the fact that most people have very little understanding of the industrial control system base that drives the IT within the data center, those who would launch cyber attacks have greater chances of success. These threats need to be addressed now if we want to continue our growth in this increasingly interconnected world.
Stay tuned the week after next for Data Center 2.0 & Cyber Security Part 2, where we’ll explore the role the data center plays in cyber security and why Data Center 1.0 is unequipped to deal with cyber threats.