Content, Content

Data Center Infrastructure Management (DCIM) Software: Prime Cyberattack Target?

View of a Server room data center – 3d rendering

Many organizations are "likely to experience increasing cyber threats toward data centers worldwide," according to research from risk intelligence platform provider Cyble. This is due to the fact that there are more than 20,000 instances and products of various vendors dealing with data centers, and their operations are public-facing.

Data centers frequently use multiple technologies, and hackers can exploit vulnerabilities and loopholes within these technologies, Cyble indicated. Meanwhile, organizations can experience cyberattacks across the following areas of their data center operations:

  • Data center infrastructure management (DCIM) software
  • Intelligent monitoring devices
  • Rack power monitors
  • Thermal cooling management control systems

Furthermore, many data centers are upgrading rapidly, Cyble pointed out. As such, hackers are exploring new vectors to bypass security parameters and launch data center cyberattacks.

Why Do Hackers Target Data Centers?

Data center hackers' motives vary, Cyble noted. Some of the reasons why hackers target data centers include:

  • Access to Sensitive Data: Hackers can steal sensitive information about a data center and its components and sell it to bidders on dark web markets and forums.
  • Operations Shutdown: State-sponsored hackers can disrupt a data center's power supply components to shut down its operations.
  • Retaliation: A hacktivist can launch a cyberattack on a data center site's HVAC system in retaliation toward an organization or group connected to the data center.
  • Ransom: Ransomware groups can lock administrators out of the DCIM application and demand ransoms in return for data access.

Data Center Security Best Practices

Organizations can experience financial losses and other problems due to data center cyberattacks, Cyble stated. However, there are several things that organizations can do to guard against these attacks, including:

  • Use cybersecurity awareness programs to teach workers about current and emerging data center cyber threats.
  • Conduct data center cybersecurity audits to evaluate a data center's security posture.
  • Implement a password policy for secure access to data center systems.

Cybercriminals will continue to search for and exploit data center technology security vulnerabilities and loopholes, Cyble said. But organizations that prioritize data center security are well-equipped to identify and address such issues before they cause long-lasting damage.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.