How to Protect Data Centers From a Power Attack

By Emily Newton, Editor-in-Chief at Revolutionized Magazine

Hackers are employing new techniques to compromise data centers, including power attacks. These attacks target server power consumption and the data center's power infrastructure. This attack method could significantly damage data center equipment, lead to lengthy outages or make valuable information easier to acquire.

The right data center security practices will be necessary for these facilities to protect themselves against power attacks.

What Is a Power Attack?

Power attacks are a hidden risk introduced by energy oversubscription, a practice that is increasingly popular in data centers as a way to reduce operating costs. Oversubscription takes advantage of the fact that power utilization across these facilities is generally low, meaning operators can often deploy servers to the point that the data center commits more power than is available.

This oversubscription can render individual servers, server racks and power distribution units (PDUs) vulnerable to surges. Safe levels of oversubscription — and power management techniques like power capping — should make it impossible for normal operations to lead to power surges that can damage equipment, trip breakers and cause outages. 

However, the clever manipulation of data center workloads could potentially lead to these surges, even with protections that should prevent power-related damage during normal operations.

How Hackers Can Use Power Systems Against Data Centers

An outside attacker can use malicious workload requests to generate energy spikes intended to damage data center servers and power infrastructure. Probing techniques allow the attacker to determine internal information about the facility, including the connection between a machine’s IP address and its physical location. 

Hackers can use this information to approximate the structure of the data center's power system, allowing them to selectively purchase services in a way that will cause surges or outages.

An attacker doesn’t need to know which servers belong to the same rack or utilize the same PDU. As long as they know one target and its IP address, they can launch a miniature brute-force attack covering it and most other machines in the same rack.

The most likely victims of a power attack are providers of public cloud services (IaaS, PaaS, SaaS and edge data centers) that users can subscribe to.

The particular approach an attacker uses may depend on which type of cloud service the provider offers. For example, the hacker may be able to gain full control over an IaaS company's virtual machines, but will only be able to access a SaaS provider by issuing specific network requests.

In both cases, the key challenge is configuring an attack using vectors that will maximize and localize server power consumption, ideally causing as much damage as possible to data center infrastructure.

The hardware target of a power attack can be an individual server rack, a PDU or the entire data center. The source may be an individual hacker, a botnet master, a competing data center or a large organization.

Launching the attack requires using data center resources — as a result, the adversary must pay for a power attack. 

There may be significant costs related to launching the attack. However, the potential damage and disruption it may cause could easily outweigh these costs.

Managing Power Consumption to Maximize Data Center Security

Oversubscription in data centers as a cost-saving measure may need to be balanced against potential cybersecurity risks, like power attacks. 

Identifying other strategies to reduce operating costs could provide security benefits in the long run. Management best practices can help minimize the expenses associated with various systems. 

For example, many data centers use compressed air systems to support HVAC, and some use these systems to directly cool server racks and other center hardware. The cost of an air cooling system can be reduced through regular maintenance and the development of an operational improvement plan. Similar networks could likely benefit from the same approach.

Data center operators may also want to consider how power management strategies can take cybersecurity into account. 

Power capping is a popular strategy among data centers for limiting the maximum energy consumption of a target unit in a data center. Operators can cap what individual servers use, as well as racks, combinations of servers and PDUs. Real-time power monitoring and dynamic controls help ensure this solution is effective.

In addition to giving the data center more control over power consumption, capping can also harden facility infrastructure against a power attack. However, capping systems are reactive, and their periodic energy sampling and settling can make this method less effective in protecting data centers from these attacks.
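The check an operator can run on their own inventory to see where oversubscription leaves a PDU dependent on reactive capping is sketched below. This is an added example, not code from the article; the PDU names, wattages, and the sampling and settling times are constructed values chosen for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class Server:
    name: str
    peak_w: float                    # peak draw in watts
    cap_w: Optional[float] = None    # enforced power cap; None means uncapped

@dataclass
class Pdu:
    name: str
    capacity_w: float                # usable breaker capacity in watts
    servers: List[Server]

def audit_pdu(pdu, sample_interval_s=1.0, settle_s=2.0):
    """Classify a PDU by whether its load fits its capacity with and without capping."""
    peak = sum(s.peak_w for s in pdu.servers)
    # Worst-case draw once every configured cap has taken effect.
    capped = sum(s.peak_w if s.cap_w is None else min(s.peak_w, s.cap_w)
                 for s in pdu.servers)
    if peak <= pdu.capacity_w:
        status = "ok"                    # safe even if every server peaks at once
    elif capped <= pdu.capacity_w:
        status = "relies-on-capping"     # safe only after the caps react
    else:
        status = "unsafe"                # overloaded even with caps enforced
    transient = max(0.0, peak - pdu.capacity_w)
    return {
        "pdu": pdu.name,
        "status": status,
        "oversubscription": round(peak / pdu.capacity_w, 2),
        "transient_overload_w": transient,
        "sustained_overload_w": max(0.0, capped - pdu.capacity_w),
        # Time the transient overload can last before a reactive cap settles
        # (assumed model: one sampling interval plus the settling time).
        "exposure_window_s": sample_interval_s + settle_s if transient else 0.0,
    }

def rack(prefix, count, peak_w, cap_w=None):
    return [Server(f"{prefix}-{i}", peak_w, cap_w) for i in range(count)]

# Constructed inventory: three PDUs, each with 5 kW of usable capacity.
INVENTORY = [
    Pdu("pdu-a", 5000, rack("a", 4, 1000)),                             # not oversubscribed
    Pdu("pdu-b", 5000, rack("b", 6, 1000, 800)),                        # every server capped
    Pdu("pdu-c", 5000, rack("c", 3, 1000, 800) + rack("cx", 3, 1000)),  # partly capped
]

def audit_all(inventory=INVENTORY):
    return [audit_pdu(p) for p in inventory]

if __name__ == "__main__":
    for finding in audit_all():
        print(finding)
```

A "relies-on-capping" result marks the PDUs where the sampling and settling delay matters most, since they are over capacity until the caps react.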

Novel research may also help data center security experts and managers learn more about potential vulnerabilities and the real threat a power attack could pose to a particular data center. Researchers have simulated power attacks before using Google compute cluster data, allowing them to generate likely threat models. 

Information from power attack research and threat modeling can help data center owners and the cybersecurity researchers they work with better understand the potential threat these hacks can pose. They can determine the steps they should take to reduce vulnerability.

Power Attacks Could Become Significant Threats to Data Center Security

Data centers face various cybersecurity threats — and experts say cyberattacks are only likely to become more common in the future.

Power attacks could allow an adversary to use a data center’s infrastructure against itself, resulting in significant damage and downtime. The right energy management strategies could help prevent these attacks while improving efficiency. 

However, a combination of strategies may be necessary to fully protect a data center against these attacks.

Emily Newton is the Editor-in-Chief at Revolutionized Magazine. A regular contributor to Brilliance Security Magazine, she has over four years of experience writing articles in the industrial sector.


