The report also found that the following information was stolen from these major corporation data centres: customer services, ticket management support, portals remote management services datacentre employee and customer email account credentials.
It’s a sinister, calculated operation that sees hacker groups monitoring certain accounts or streams of data for month. Once they pick up an anomaly, they will target the datacentre and penetrate its security infrastructure.
The results can be catastrophic, putting both organisations and their customers are risk. A comprised data centre can lead system downtime or even complete shutdown, financial loss and worst, private, sensitive information entering the public, dubious domain.
Data centres need to be fortified today and the best way to do so is taking a systematic, committed approach.
• Work with vendors that take cybersecurity seriously. When implementing products its important that organisations opt for vendor solutions that use cyber secure development processes and validation.
At Schneider Electric, we follow cybersecurity best practices in our product development along the development lifecycle. From cybersecurity training for our engineers to meeting security regulatory requirements, from securing design reviews to using secure coding practices and implementing secure release management and deployment, and ultimately to incident response should a security breach occur.
• Look for vendors who partner with experts. Technology partnership forms a critical part of fighting cyberattacks. Ensure that your vendor partners work with who have best cybersecurity experts in the market for secure firewalls, servers, workstations and cloud services.
• Think about your legacy control system. Here we recommend working with a vendor that can provide consulting services regardless of the age, type or manufacturer and who can effectively address the full range of address cybersecurity assessments, workshops, remediation, and response to cyber security incidents.
Prioritise continuous threat detection
Continuous threat detection (CTD) software improves network resilience and overcomes the limitations of monitoring threats on location.
In essence, CTD creates a detailed inventory of industrial network assets, identifies misconfigurations, monitors traffic between assets, and finds anomalies that may indicate the presence of a malicious actor. Context rich alerts provide plant and security personnel with actionable insights for efficient investigation, response, and recovery.
CTD should also form part of cybersecurity assessment services and at Schneider Electric we provide the following steps to gain insight into data centre security operations:
• We appraise your current cybersecurity position under current IEC 62443 standards, as well as the National Institute of Standards and Technology (NIST) Cybersecurity Framework and any regulatory compliance that may be applicable.
• Certified cybersecurity experts identify the gaps, risks, and vulnerabilities found during the initial assessment, and then create strategies to fill the gaps, providing layers to protect organizations (like segmentation) against vulnerabilities and mitigate risks.
• Diligent monitoring of the perimeters. Things like continuous threat detection software improves network resilience. At Schneider Electric we establish tools that learn how a network operates under normal situations (via dynamic endpoint modelling) and flag anomalies as they occur.
• Last is maintenance and training. Expert management services are also provided to patch and update solutions made during the previous step to evolve as hackers find different methods to penetrate a system.