IDCA News
21 Jun 2022
Recent incidents show data centers need to pay more attention to security
Global policymakers and data center directors should prioritize data center security following recent security incidents. There has been a major security breach in the firmware of widely used power distribution units (PDUs). Developed and manufactured by the Chinese manufacturer Powertek, these PDUs have multiple security flaws and need to be patched immediately. Often, these PDUs are sold as OEM products to well-known vendors who then resell them under their own brands. There is a patch available, but researchers complain that it is hard to find.
These PDUs have security issues such as buffer overflows, which can allow an attacker to compromise the firmware and gain access to a data center's management network. Gynvael Coldwind, a Polish security expert, revealed these and other security concerns. Two of the most serious vulnerabilities are rated 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS), and include an authorisation bypass and an authenticated session token leak.
The security problems with Powertek's PDUs are just the tip of the iceberg. The data center infrastructure has become a new attack surface for cybercriminals looking for new ways to penetrate valuable enterprise applications. The cyber security strategy of companies and government agencies often overlooks these systems. The data center industry only recently became aware that the infrastructure layer of a data center could be a highly valuable gateway to applications and databases.
According to research by Cyble, many of the components that make up a data center infrastructure are vulnerable to attack. Data center infrastructure management (DCIM) software is a popular target for cybercriminals. Cyble researchers discovered that over 20,000 instances of DCIM software have serious security issues that need to be fixed as soon as possible. Applications such as these provide full remote access to data center assets, generate status reports, and allow users to configure various system parameters.
Unfortunately, it does not end there. Researchers have found numerous issues with all types of data center equipment, including thermal and cooling management dashboards, humidity controllers, UPS controllers, HVAC control systems and rack monitors. Occasionally, there are bugs in the software that can be exploited. Many other cases might be easier to solve, since researchers still find that data center operations personnel often do not change the default passwords they use to log into their management systems.
Photo credit: Thomas Jensen