Need More Information about Networks, Security and VMware?
Learn more about VMware and the key benefits on the following pages. Feel free to contact our experts if you have any questions.
The cases of cyber-criminality seem to be coming in a constant stream. But why is it so easy for hackers to target so many companies? Which protective mechanisms are available? In this article, we shed some light on security for the area of virtualization and show what VMware has to offer in that respect. We also provide tips on how to avoid a false sense of security.
Recent years have seen some substantial changes in the area of security. One of the biggest is the new focus among hackers and other shady figures on commercial interests. It is no longer a question of completing hacks or “virtual break-ins” to prove one’s own skills or to bring systems to their knees. Like 90s bank robbers, the hacker groups are now marauding through the Internet and trawling the IPs of companies to “monetize” their nefarious crafts.
In an age of bitcoin and dark net, it is relatively easy to exchange wire transfers and money after successful blackmail. But like in conventional crimes, the likelihood of recovering one’s property is relatively insubstantial, even after payment.
Known as ransomware, the dangerous Trojans and worms WannaCry and Petya are the most recent cases of a criminal conspiracy. Once the system has been accessed (by infected e-mail or via other vulnerabilities), the data is encrypted to block out the users. They are instructed that the only way to regain access is by entering a decryption code that will be provided after payment of a bitcoin ransom. It is hardly necessary to mention that you can wait a long time for your decryption code after transferring the bitcoin. This alone clearly demonstrates the purely commercial interests, unlike previous attacks like the ILOVEYOU computer worm.
In the first generation of WannaCry, not even the blackmailers themselves (as confirmed by decrypted sections of the source code) were able to assign payments to particular encryptions. In other words: The blackmailers were not in a position to provide the correct code for decryption in each case. So the data was irretrievably lost from the beginning!
Private cloud implementations with standard data centers were particularly vulnerable to these attacks, due partly to their physical and organizational structure. What’s more, many companies still have too much red tape, insufficient IT budgets and an inadequate strategic focus. While this may no longer apply to shrewd and modern SDDC (Software Defined Data Center) and to public or hybrid cloud implementations, they are still vulnerable to a number of traps.
I still come across customers who operate data centers without complex admin passwords, active antivirus programs on all systems or dedicated responsibilities for security-relevant issues. This is grossly negligent. RAID level and virtualization, which have confined hardware crashes to the annals of history, give us a false and dangerous sense of security!
Three of the most frequent problems:
That’s even without mentioning additional options like active system reporting using tools (e.g. VMware vRealize Operations Manager) or security audits (possibly a penetration test). It’s almost like saying: “As long as the car keeps driving, I won’t take it in for inspection or roadworthiness tests.”
That is, broadly speaking, a possible way of doing things, but only if I use the car exclusively to drive on my property and am not bothered or financially burdened by defects. But I will need to address the issues of service and maintenance as matters of urgency the minute the systems are business-relevant or even business-critical, and I participate actively in traffic – whether it is by keeping an Internet connection or, as in the example above, by driving on public roads.
One example of passive protection is to shield the data center from unauthorized access, e.g. by using code cards to open the server racks. In contrast, active protection draws on firewall systems, virus scanners and suchlike. While passive protection is usually installed and should, of course, be checked at regular intervals, active protection requires a more detailed consideration.
As a rule, current data centers, server farms, SDDCs and cloud environments require multiple levels of security. An external firewall and virus scanners on the PCs became insufficient a long time ago.
VMware offers a broad portfolio for the secure operation of a modern SDDC implementation and can use technical resources to respond variably to challenges.
Interesting side note: While writing this article, I was surprised by the report that the largest terminal at the port of Los Angeles was forced to temporarily shut down. This was due to a massive, successful Petya cyberattack on the MAERSK shipping company, which transports cargo containers throughout the world. (Source: CBS Los Angeles).
These tips will prevent a false sense of security
- Structure your IT strategically to suit the other business lines in your group.
- Apply the principles of predictive planning, especially in your IT budget. CAPEX and OPEX should not be unfamiliar terms.
- Always keep your data center, SDDC and server farm up-to-date.
- Use standardization and orchestration to increase the quality of your infrastructure.
- Take the next step towards modern security infrastructure that pushes the boundaries of classic virus scanner and firewall methodologies.
- Check your infrastructure regularly. Bring in external providers when necessary.
- Conduct regular dry runs of your action plans and emergency concepts and adapt them any time you change your infrastructure.