Data centre security is at risk, but AI is stepping up to the plate.
Back in 1988, a student at MIT created the first ever computer worm called Morris and its ability to spread from one PC to the next made it a template for the viruses we see today. The Morris worm was able to remotely access computer login times, take control of the network and was also capable of identifying weak passwords.
These days, cyberattacks can spread quickly and take control of devices with data centres being a primary target and according to Resecurity, these kinds of attacks have led to data being stolen from major companies and access information being spread on the dark web. In February 2023, access data stolen from data centres were published on an underground forum, highlighting the urgent need to increase security to protect against these threats. What’s more, a Digital Shadows report announced that around 24.6 billion access credentials were being circulated online.
Ensuring data centres are secure is critical and artificial intelligence is emerging as a promising solution for predicting, identifying and proactively defending against attacks and thus bolstering infrastructure resilience against a growing number of threats.
The challenge – Detecting threats to better protect data centres.
Modern IT infrastructures are networked and increasingly complex making them a fertile hunting ground for hackers, but also making it very difficult to identify the source of threats. For this, advanced detection solutions are required. Other challenges are how quickly attacks spread and victims’ ability to respond putting prevention and proactivity at the heart of data centre security strategies.
Distributed Denial of Service (DDoS) attacks.
Distributed Denial of Service (DDoS) attacks are a perfect example of the challenges faced. Back in 2018, GitHub was the target of a DDoS attack similar to that which impacted Dyn in 2016. 2022 saw Denial of Service attacks make up 50 per cent of all hacks, up from 40 per cent in 2021.
These attacks are designed to take a service offline by bombarding the server with traffic and are well-known for severely impacting business operations by causing outages that can extend up to 12 hours that cause considerable damage to a company’s finances and reputation. DDoS are becoming more sophisticated as a result of hackers’ ability to attack on several fronts and overwhelm both infrastructure and applications.
Against the backdrop of all of these factors, it is critical to implement sophisticated identification tools and response protocols in data centres. What’s needed is close collaboration between cybersecurity and data centre experts to design defence strategies capable of mitigating these persistent and ever-evolving threats.
The solution – Artificial intelligence.
The rise of artificial intelligence is providing a glimmer of hope as it is transforms various industries by leveraging computers to imitate human intelligence, learn, reason and make sound decisions.
Predictive behaviour modelling – The future of data centre protection?
The basic principles of using artificial intelligence to help secure data centres are based on behaviour modelling. Detection and response are obviously important, but they are both reacting to events that have already past. It’s far more important to take a proactive approach to preventing and minimising the impact of attacks before they cause any damage by exploiting cyber threat intelligence, awareness, collaboration and sharing information.
Applying predictive behaviour modelling to data centres means creating algorithms based on historical data to predict future behaviour much in the same way as UEBA (User & Entity Behaviour Analytics). For example, by analysing resource use and access, it becomes possible to predict activity that could be potentially malicious. Behavioural analyses identify anomalies such as a new user, who accesses sensitive resources at an unusual time of day or starts downloading massive volumes.
To highlight the differences, we can compare the difference in costs incurred due to data leaks in zero-trust environments, which consider every access attempt as suspicious and requires constant verification, to those that occur in other environments as amounting to 1.76 million US dollars.
This shows how predictions can trigger early warnings and enable data centre security teams to ready themselves to face threats, take countermeasures and proactively prevent or mitigate or security incidents. In the future, companies will attempt to enrich their data by optimising the flow of data and the sources linked to the analysis systems. They’ll explore opportunities for integrating the results of behaviour analyses solutions into SOAR (Security Orchestration, Automation, and Response) platforms in order to free up capacity to respond to risks, which in turn will increase data centre security without requiring the need for human intervention.
According to a 2020 Capgemini study, 74% of companies responded that integrating artificial intelligence into their cybersecurity strategies had meant that attacks had been detected more quickly.
The potential of artificial intelligence for cybersecurity in data centres underscores the undeniable partnership that exists between humans and machines. This synergy is essential for us to fully exploit the capabilities of AI’s behaviour model, which needs to apply predictive behaviour modelling to historical data in order to anticipate future activities. By combining AI performance capabilities when it comes to analysing large volumes of day and identifying complex patterns with humans’ specialist knowledge, data centre security approaches can evolve into being proactive and adaptive.
On the back of digital convergence over the last few years, this collaboration has become even more crucial. Data centres at the heart of this convergence are now critical hubs for processing a growing volume of data from a range of sources. In the face of increased complexity, it’s imperative to roll out AI. It’s benefits are clear as AI can identify unusual patters of behaviour within the data centre network and this contribute to bolstering security.