Threats to an IT Data Center Infrastructure and Possible Cloud Solution
Introduction
Modern data centers are evolving to provide virtually unlimited scalability and flexibility in support of changing organizational and operational needs and strategic goals. Like any other technology, however, they face cybersecurity threats every day, so the data center infrastructure must be safeguarded and tested against the threats seen across the industry. Attackers, including cybercriminals, state-sponsored groups, and hacktivists, try to infiltrate and take down data center applications and steal data because the data center holds the organization's most valuable asset. Whether motivated by notoriety, competitive intelligence, or financial gain, they carry out their attacks with a range of weapons. This paper explores some of the main ones and then presents solutions an organization can adopt to reduce its exposure to cyberattacks.
Types of Data Center Infrastructure attacks
According to Jain and Miao (2016), the main cyber threats to data center infrastructure include DDoS attacks, brute force against weak authentication, web application attacks, attacks on the DNS infrastructure, and the security blind spot created by SSL-encrypted traffic.
DDoS attacks: Distributed denial of service (DDoS) attacks aim to disrupt or disable essential internet services. Attackers go after NTP, DNS, and web servers because they understand that taking down the internet connection, rather than the data itself, has a dramatic effect. Because many organizations now depend entirely on cloud-based resources, a DDoS attack interrupts their systems and directly harms service and productivity. Attackers also exploit web application vulnerabilities to turn compromised web servers into captive bots that in turn attack other websites (Saied, Overill & Radzik, 2016).
DNS infrastructure attacks: An attack on a DNS server takes the server offline and so makes it inaccessible to subscribers, who can no longer resolve domain names, send email, visit web pages, or use the other internet services they consider important (Bushart & Rossow, 2018). DNS can also be abused to amplify a DDoS attack. In a DNS reflection attack the cybercriminal spoofs the target's IP address as the source of queries sent to many open recursive resolvers, choosing queries whose responses are far larger than the queries themselves; the resolvers then deliver their large responses to the victim, and the combined traffic from these powerful servers drowns it (Mahmood, 2011). Organizations that house DNS servers must therefore protect them from DNS cache poisoning, DDoS attacks, and other exploits of the DNS.
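The reflection attack described above leaves a recognisable trace in the resolver's own logs: one "client" (the spoofed victim address) asks the same large-answer question over and over in a short burst. The following detector is an added example written for this paper, not code from any of the cited works. The log format ("epoch client_ip qname qtype query_bytes response_bytes"), the sample lines, and the thresholds are all constructed for the demonstration.

```python
"""Flag DNS reflection/amplification abuse in a resolver's query log.

Added example for this paper (not from any cited work). The log format and
every sample line below are constructed. In a reflection attack client_ip is
the spoofed address of the victim, so the resolver sees a single "client"
repeating a query whose answer is many times larger than the query, and each
of those answers lands on the victim.
"""
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed sample log: "epoch client_ip qname qtype qlen rlen"
SAMPLE_LOG = """\
1700000000 198.51.100.7 example.net ANY 64 3200
1700000001 198.51.100.7 example.net ANY 64 3200
1700000001 198.51.100.7 example.net ANY 64 3200
1700000002 198.51.100.7 example.net ANY 64 3200
1700000002 198.51.100.7 example.net ANY 64 3200
1700000003 198.51.100.7 example.net ANY 64 3200
1700000000 203.0.113.20 www.example.org A 50 66
1700000004 203.0.113.20 mail.example.org MX 53 120
1700000005 203.0.113.21 example.org TXT 52 210
"""


@dataclass
class ClientStats:
    queries: int = 0
    query_bytes: int = 0
    response_bytes: int = 0
    qnames: set = field(default_factory=set)

    @property
    def amplification(self) -> float:
        """Bytes sent to the client per byte received from it."""
        return self.response_bytes / self.query_bytes if self.query_bytes else 0.0


def amplification_factor(query_len, response_len):
    """Amplification of a single query/response pair."""
    return response_len / query_len


def parse_log(text):
    """Parse the constructed log format into (ts, client, qname, qtype, qlen, rlen)."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, client, qname, qtype, qlen, rlen = line.split()
        records.append((int(ts), client, qname, qtype, int(qlen), int(rlen)))
    return records


def find_reflection_sources(records, window=10, min_queries=5, min_amp=10.0):
    """Return {client_ip: ClientStats} for clients whose responses are on
    average `min_amp` times larger than their queries AND who sent at least
    `min_queries` queries inside some `window`-second span (a burst).
    Both conditions together separate reflection abuse from a busy but
    legitimate client that merely asks large questions now and then."""
    by_client = defaultdict(list)
    for rec in records:
        by_client[rec[1]].append(rec)

    flagged = {}
    for client, recs in by_client.items():
        recs.sort()
        stats = ClientStats()
        for _ts, _client, qname, _qtype, qlen, rlen in recs:
            stats.queries += 1
            stats.query_bytes += qlen
            stats.response_bytes += rlen
            stats.qnames.add(qname)
        if stats.amplification < min_amp:
            continue
        # Largest number of queries falling inside any `window` seconds.
        start, burst = 0, 0
        for end in range(len(recs)):
            while recs[end][0] - recs[start][0] > window:
                start += 1
            burst = max(burst, end - start + 1)
        if burst >= min_queries:
            flagged[client] = stats
    return flagged


if __name__ == "__main__":
    for ip, s in find_reflection_sources(parse_log(SAMPLE_LOG)).items():
        print(f"{ip}: {s.queries} queries, amplification x{s.amplification:.1f}, names={sorted(s.qnames)}")
```

Run on the sample log, the detector flags 198.51.100.7 (six ANY queries in four seconds, each answered with a response fifty times larger than the query) and ignores the two ordinary clients. On a production resolver the same signal is what response rate limiting acts on; the stronger fixes are to refuse recursion from addresses outside the organization's own networks and, at the network edge, to drop packets whose source address could not legitimately originate there (source address validation), which removes the spoofing the attack depends on.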
Web application attacks: Arguably the method attackers most prefer for infiltrating corporate networks to steal data. Attackers use cross-site scripting (XSS) and SQL injection against vulnerable third-party plugins and content management systems (CMS). Corporations should therefore proactively block web attacks by "virtual patching" known vulnerabilities, that is, blocking the exploit traffic at a web application firewall until the application itself is fixed (Shieh et al., 2011).
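To make the two attack classes concrete, here is an added example (written for this paper, not code from any cited work) that places a vulnerable login query and comment renderer beside their hardened forms, plus a crude WAF-style rule of the kind a virtual patch consists of. The in-memory SQLite table, the user row, and the attack strings are constructed for the demonstration.

```python
"""SQL injection and XSS: vulnerable and hardened forms side by side.

Added example for this paper, not taken from any cited work. The in-memory
SQLite table, the user row and the attack strings are constructed.
"""
import html
import re
import sqlite3


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'hash-of-alice-password')")
    conn.commit()
    return conn


def login_vulnerable(conn, username, password_hash):
    # User input is spliced into the SQL text, so quotes and comment markers
    # in the input become part of the query's grammar. The input "alice' --"
    # closes the string and comments out the password check entirely.
    query = ("SELECT username FROM users WHERE username = '%s' "
             "AND password_hash = '%s'" % (username, password_hash))
    return conn.execute(query).fetchone() is not None


def login_safe(conn, username, password_hash):
    # Parameterized query: the driver passes the values separately from the
    # SQL text, so "alice' --" is compared literally as a username.
    query = "SELECT username FROM users WHERE username = ? AND password_hash = ?"
    return conn.execute(query, (username, password_hash)).fetchone() is not None


def render_comment_vulnerable(text):
    # Reflecting user text into HTML unchanged lets an injected <script> run.
    return "<p>%s</p>" % text


def render_comment_safe(text):
    # Escaping turns markup characters into entities; the browser shows them
    # as text instead of interpreting them.
    return "<p>%s</p>" % html.escape(text, quote=True)


# A crude "virtual patch": a WAF-style signature that blocks the injection
# pattern at the edge while the application is being fixed. Blocklists like
# this are easy to bypass (encoding, alternative syntax), so they are a
# stopgap, not a replacement for the parameterized query above.
SQLI_PATTERN = re.compile(r"(--|;|'\s*or\s+'?\d+'?\s*=\s*'?\d+)", re.IGNORECASE)


def virtual_patch_blocks(value):
    return SQLI_PATTERN.search(value) is not None


if __name__ == "__main__":
    db = make_db()
    payload = "alice' --"
    print("vulnerable login with payload:", login_vulnerable(db, payload, "anything"))
    print("safe login with payload:     ", login_safe(db, payload, "anything"))
    print(render_comment_vulnerable("<script>alert(1)</script>"))
    print(render_comment_safe("<script>alert(1)</script>"))
    print("virtual patch blocks payload:", virtual_patch_blocks(payload))
```

The vulnerable login accepts "alice' --" with any password because SQLite treats "--" as the start of a comment and drops the password clause; the parameterized version rejects it. The same payload trips the signature, which is what a virtual patch buys you: time, not safety.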
Brute force and weak authentication: The over-reliance of many current applications on password-based, single-factor authentication leaves application owners exposed to attackers, especially when they do not enforce strong passwords or do not store credentials securely. Cybercriminals automate brute force attacks to crack stolen passwords and password hashes, and the recovered credentials can then be reused against other online accounts (Abdellaoui, Khamlichi & Chaoui, 2016).
The primary defense against this kind of attack is two-factor authentication, which greatly reduces what an attacker gains from password cracking or brute force. Corporations can also deploy tools that centrally manage authentication and analyze user attributes such as geographical location, operating system, and browser type. These help detect fraudulent activity and high-risk users with repeated failed authentication attempts, who can then be blocked (Mahmood, 2011).
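The two controls just described, a second factor and blocking after repeated failures, combine with proper credential storage in the following added example, written for this paper rather than taken from any cited work. The account record, the password, and the timestamps are constructed; the one-time-code routine follows RFC 6238 (HMAC-SHA1, 30-second step) so that the RFC's published test vector can be checked against it.

```python
"""Salted password hashing, failed-attempt lockout and a TOTP second factor.

Added example for this paper, not from any cited work. The account, password
and timestamps are constructed; TOTP is implemented per RFC 6238 / RFC 4226
so the RFC test vector (secret "12345678901234567890", T=59 -> 287082) holds.
"""
import hashlib
import hmac
import os
import struct

PBKDF2_ROUNDS = 100_000   # slow, salted hash: brute force costs the attacker
MAX_FAILURES = 5          # failures before the account is temporarily locked
LOCKOUT_SECONDS = 900
TOTP_STEP = 30


def hash_password(password, salt=None):
    """Return (salt, digest). A fresh random salt defeats precomputed tables."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def verify_password(password, salt, digest):
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, digest)   # constant-time compare


def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret, now, step=TOTP_STEP, digits=6):
    """RFC 6238 TOTP: HOTP with the counter derived from the Unix time."""
    return hotp(secret, int(now) // step, digits)


def verify_totp(secret, code, now, skew=1):
    """Accept the current step and `skew` steps either side to absorb clock drift."""
    return any(hmac.compare_digest(totp(secret, now + i * TOTP_STEP), code)
               for i in range(-skew, skew + 1))


class Account:
    def __init__(self, username, password, totp_secret):
        self.username = username
        self.salt, self.digest = hash_password(password)
        self.totp_secret = totp_secret
        self.failures = 0
        self.locked_until = 0

    def login(self, password, code, now):
        """Both factors are always evaluated so the response does not reveal
        which one failed; repeated failures lock the account for a while."""
        if now < self.locked_until:
            return False
        password_ok = verify_password(password, self.salt, self.digest)
        code_ok = verify_totp(self.totp_secret, code, now)
        if password_ok and code_ok:
            self.failures = 0
            return True
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self.locked_until = now + LOCKOUT_SECONDS
            self.failures = 0
        return False


if __name__ == "__main__":
    secret = b"12345678901234567890"          # RFC 6238 test secret (constructed demo key)
    acct = Account("alice", "correct horse battery staple", secret)
    print("code at T=59:", totp(secret, 59))  # RFC vector: 287082
    print("good login:", acct.login("correct horse battery staple", totp(secret, 59), 59))
    for _ in range(MAX_FAILURES):
        acct.login("guess", "000000", 100)
    print("locked out:", not acct.login("correct horse battery staple", totp(secret, 100), 100))
```

The lockout counter is what the centrally managed authentication tools in the text act on; in practice the same counter would be keyed by source address and device attributes as well as by username, so that an attacker cannot lock legitimate users out simply by guessing wrong on purpose.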
SSL-induced security vulnerabilities: Attackers increasingly use SSL (now TLS) encryption to hide their traffic from an organization's security devices. Intrusion prevention systems and firewalls can decrypt SSL traffic, but the migration from 1024-bit to 2048-bit SSL keys has sharply raised the processing power this requires; the larger keys need 6.3 times more processing power to decrypt. As a result, cybercriminals can sneak malicious traffic through inside SSL sessions that the devices do not inspect. Attackers also exploit the fact that more than 40% of applications can use SSL or switch to non-standard ports (Shieh et al., 2011). As a remedy, corporations should deploy a solution that intercepts, offloads, and decrypts SSL traffic so that inspection devices can detect attacks.
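Before an interception device can offload or decrypt anything it has to recognise a TLS session, whatever port it runs on, and it usually decides what to do with the session from the server name in the first message. The following added example (written for this paper, not code from any cited work) builds a minimal TLS ClientHello and parses one back, extracting the offered version, cipher suites, and Server Name Indication; it returns None for anything that is not a ClientHello, such as plain HTTP on port 443. The server name, cipher suites, and the all-zero client random are constructed so the output is deterministic.

```python
"""Identify a TLS ClientHello on any port and pull out version, suites and SNI.

Added example for this paper, not from any cited work. The builder produces a
constructed, minimal ClientHello (zero client random, no other extensions) so
the parser can be exercised offline; a real client sends many more fields.
"""


def build_client_hello(server_name, cipher_suites=(0x1301, 0x1302, 0xC02F)):
    """Constructed TLS 1.2-style record carrying a ClientHello with an SNI extension."""
    name = server_name.encode("ascii")
    sni_list = b"\x00" + len(name).to_bytes(2, "big") + name          # name_type 0 = host_name
    sni_ext = (b"\x00\x00" + (len(sni_list) + 2).to_bytes(2, "big")  # ext type 0 = server_name
               + len(sni_list).to_bytes(2, "big") + sni_list)
    extensions = len(sni_ext).to_bytes(2, "big") + sni_ext
    suites = b"".join(s.to_bytes(2, "big") for s in cipher_suites)
    body = (b"\x03\x03"                       # client_version TLS 1.2
            + bytes(32)                       # client random (zeroed for determinism)
            + b"\x00"                         # empty session id
            + len(suites).to_bytes(2, "big") + suites
            + b"\x01\x00"                     # one compression method: null
            + extensions)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # handshake type 1 = ClientHello
    return b"\x16\x03\x01" + len(handshake).to_bytes(2, "big") + handshake  # record type 22


def parse_client_hello(data):
    """Return {"version", "cipher_suites", "sni"} or None if `data` is not a
    complete TLS record holding a ClientHello. Every length is bounds-checked
    so a truncated or hostile record cannot raise out of the parser."""
    if len(data) < 5 or data[0] != 0x16 or data[1] != 0x03:
        return None
    rec_len = int.from_bytes(data[3:5], "big")
    body = data[5:5 + rec_len]
    if len(body) < rec_len or len(body) < 4 or body[0] != 0x01:
        return None
    hs_len = int.from_bytes(body[1:4], "big")
    hs = body[4:4 + hs_len]
    if len(hs) < hs_len:
        return None
    try:
        pos = 0
        version = int.from_bytes(hs[pos:pos + 2], "big"); pos += 2
        pos += 32                                            # client random
        pos += 1 + hs[pos]                                   # session id
        cs_len = int.from_bytes(hs[pos:pos + 2], "big"); pos += 2
        suites = [int.from_bytes(hs[i:i + 2], "big") for i in range(pos, pos + cs_len, 2)]
        pos += cs_len
        pos += 1 + hs[pos]                                   # compression methods
        sni = None
        if pos + 2 <= len(hs):
            ext_len = int.from_bytes(hs[pos:pos + 2], "big"); pos += 2
            end = min(pos + ext_len, len(hs))
            while pos + 4 <= end:
                etype = int.from_bytes(hs[pos:pos + 2], "big")
                elen = int.from_bytes(hs[pos + 2:pos + 4], "big")
                pos += 4
                edata = hs[pos:pos + elen]
                pos += elen
                if etype == 0 and len(edata) >= 2:           # server_name extension
                    list_end = 2 + int.from_bytes(edata[0:2], "big")
                    p = 2
                    while p + 3 <= min(list_end, len(edata)):
                        name_type = edata[p]
                        nlen = int.from_bytes(edata[p + 1:p + 3], "big")
                        p += 3
                        if name_type == 0:
                            sni = edata[p:p + nlen].decode("ascii")
                        p += nlen
        return {"version": version, "cipher_suites": suites, "sni": sni}
    except (IndexError, UnicodeDecodeError):
        return None


if __name__ == "__main__":
    hello = build_client_hello("example.com")
    print(parse_client_hello(hello))
    print(parse_client_hello(b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"))
```

Because the check keys on the record and handshake headers rather than on the TCP port, the same function identifies TLS on 443, 8443, or a port an application picked to evade inspection; the extracted server name is what a policy engine then uses to decide whether to decrypt, bypass (for example for banking or healthcare sites), or block the session.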
Possible solutions to these attacks:
Companies can use cloud service providers to store corporate information in secure, encrypted data centers, and cloud infrastructure has changed how data is collected, processed, and stored. Among the features that make the cloud secure are encrypted databases that can be searched through homomorphic encryption, and authorization for data access (Shieh et al., 2011): the system determines the level of access and maps it to the authenticated user, so that each user reaches only the resources they are entitled to. The cloud system also uses the Diffie-Hellman key exchange to establish keys for secure communication.
The platform further enhances security through hybrid techniques that combine several cryptographic algorithms, such as RSA and 3DES, with random number generators (Latif et al., 2014); 3DES is now considered legacy and should be replaced by AES in new deployments. The distributed nature of cloud storage also makes user data more secure: data is split into segments that are encrypted and stored separately across the cloud databases, which hardens it against different types of attacks (Sun et al., 2014).
Data concealment deployed in the cloud adds another layer. The strategy merges the real data with fake, virtual data to disguise the real data volume and protect private data from attackers (Kshetri, 2013); a watermarking method lets authorized users who hold the key tell the real data apart. These measures protect the confidentiality of stored data even if an attacker reaches it; against attacks on availability such as DDoS, the cloud platform relies instead on its distributed infrastructure and the provider's capacity to absorb attack traffic.
References
Abdellaoui, A., Khamlichi, Y. I. & Chaoui, H. (2016). A novel strong password generator for improving cloud authentication. Procedia Computer Science, 85, 293-300.
Jain, N., & Miao, R. (2016). U.S. Patent Application No. 14/450,954.
Kshetri, N. (2013). Privacy and security issues in cloud computing: The role of institutions and institutional evolution. Telecommunications Policy, 37(4-5), 372-386.
Latif, R., Abbas, H., Assar, S., & Ali, Q. (2014). Cloud computing risk assessment: A systematic literature review. In Future Information Technology (pp. 285-295). Springer, Berlin, Heidelberg.
Mahmood, Z. (2011, September). Data location and security issues in cloud computing. In 2011 International Conference on Emerging Intelligent Data and Web Technologies (pp. 49-54). IEEE.
Saied, A., Overill, R. E., & Radzik, T. (2016). Detection of known and unknown DDoS attacks using Artificial Neural Networks. Neurocomputing, 172, 385-393.
Shieh, A., Kandula, S., Greenberg, A. G., Kim, C., & Saha, B. (2011, March). Sharing the data center network. In Proceedings of NSDI (Vol. 11, p. 23).
Sun, Y., Zhang, J., Xiong, Y., & Zhu, G. (2014). Data security and privacy in cloud computing. International Journal of Distributed Sensor Networks, 10(7), 190903.