[ISN] Five Ways To (Physically) Hack A Data Center

From: InfoSec News <alerts_at_private>
Date: Tue, 18 May 2010 00:37:52 -0500 (CDT)
http://www.darkreading.com/database_security/security/management/showArticle.jhtml?articleID=224900081

By Kelly Jackson Higgins
DarkReading
May 17, 2010

You can spend millions of dollars on network security, but it's all for 
naught if the data center has physical weaknesses that leave it open to 
intruders. Red team experts hired to social-engineer their way into an 
organization say they regularly find physical hacking far too easy.

Ryan Jones, senior security consultant with Trustwave's SpiderLabs, says 
data centers he has investigated for security weaknesses commonly have 
the same cracks in the physical infrastructure that can be exploited for 
infiltrating these sensitive areas. Jones says the five simplest ways to 
hack into a data center are by crawling through void spaces in the data 
center walls, lock-picking the door, "tailgating" into the building, 
posing as contractors or service repairman, and jimmying open improperly 
installed doors or windows.

"Over the years, you can spend millions of dollars protecting your 
network, but [many organizations] are leaving the front door wide open. 
They are missing huge gaping holes" in their physical security of the 
data center, says Jones, who will discuss his findings at the conference 
today in Sao Paulo, Brazil. "These are the top ways we get in."

One of the flaws in the physical design of most data centers is their 
drop ceilings and raised floors, Jones says. "The walls don't go all the 
way up [to the ceiling] or down [to the floor]," he says. The drop 
ceiling leaves a void for an intruder to remove a ceiling tile from a 
nearby area and then crawl to the data center from above it. "You can 
crawl down carefully to where you need to drop down," Jones says.

[...]


_______________________________________________
Best Selling Security Books and More!
Shop InfoSec News
http://www.shopinfosecnews.org/ 
Received on Mon May 17 2010 - 22:37:52 PDT

This archive was generated by hypermail 2.2.0 : Mon May 17 2010 - 22:49:23 PDT