Forget about hacking – your servers might get stolen
When it comes to security, there is often a focus on the software side, thwarting hackers and other virtual threats such as viruses and worms. When it comes to uptime and availability, focus often rests on redundant power, clustering, and other similar strategies. We often forget about something that can put a stop to any operation: good, old-fashioned, real-life robbery.
Don’t make the assumption that it will never happen to you.
Are data centers as secure as they want you to think?
Though security is often a selling-point for many data centers, they aren’t necessarily safe from theft. There have been plenty of incidents involving hardware theft from data centers.
A few examples:
- Multiple robberies at a Chicago data center
The Chicago-based colocation company CI Host had its data center broken into on October 2, 2007. The intruders passed through a reinforced wall with the help of a power saw, attacked the night manager with a tazer, and stole at least 20 servers. This particular data center had at that time been burglarized at least four times since 2005.
- Fake police officers rob Verizon data center
A Verizon Business data center in northern London got $4 million worth of computer equipment stolen on December 6, 2007. The “heist” was done by between three to five men dressed as police officers. They managed to gain entry to the data center and tied up the five staff members before stealing the equipment.
- Level 3 data center robbery disrupts telecom service
One of Level 3’s London data centers had a number of router cards stolen on November 1, 2006, which disrupted voice and data traffic to many of its customers in London.
- Peter Gabriel’s website down due to stolen servers
Musician Peter Gabriel had the servers running his official website stolen in May 2008, effectively taking his website offline. The servers were said to be hosted with the company Rednet Ltd. Not much information seems to be available other than a temporary message that was posted on his website explaining that all services were offline since their servers had been stolen from the ISP.
- Thieves rob Cable & Wireless data center, taking out Financial Times website
A Cable & Wireless data center outside London had routers and switches stolen on July 10, 2008. Among the affected customers was the Financial Times, whose website was left offline until they could redirect it to a backup facility.
If you keep it in the office, have proper security
It may be tempting to keep your servers nearby in your office, both for convenience and perhaps also for cost reasons. But if you do, make sure they are properly locked away in a secure place.
Otherwise something like this could potentially happen:
- Dept-collection bureau server with personal data for 700,000 people stolen
On March 21, 2008, thieves broke into the Central Collection Bureau in Indiana and stole eight computers and one database server. The stolen database server contained personal information about approximately 700,000 Indiana residents, including their social security numbers.
- Insurance company robbed of server with information about 930,000 customers
International Insurance Group, AIG, had their offices burglarized on March 31, 2006. The thieves got away with a server filled with data containing the names, addresses and social security numbers of over 930,000 customers.
- University file server with cancer research data stolen
A file server containing cancer research data was stolen from the University of California on March 20, 2007. The research data included names, contact information and social security numbers of study subjects and in some cases also personal health information.
Black market for hardware
This article from The Register is a bit on the old side, but it’s an interesting read. According to it, criminals are even targeting specific brands of hardware and are well aware of what they are looking for. There is obviously a lucrative black market for computer equipment if organized, criminal elements are involved.
Stealing data, not hardware?
Loss of hardware is one thing, but hardware can be replaced. One scary thought is theft specifically aimed at stealing servers with valuable data on them.
For example, in the cases where customer databases and credit card information are stolen, not only is it a liability to the company and its customers, but this information can most likely be sold for a hefty profit by unscrupulous individuals.
In the examples above, several cases have involved what must be considered as very valuable data. It is quite possible that this was just a coincidence and that the thieves were only after the hardware, but who knows?
Worry about protecting your data from hackers and take precautions, but remember that if someone just walks away with your server, that firewall you set up won’t do you much good.
What can I do?
Aside from planting yourself in front of your server rack with a shotgun on your lap, what can you do to keep your servers and data safe?
- It’s not always easy to know exactly where your servers are hosted and how well the security is handled. If your servers are critical to your business, make it a point to inquire about the data center where they are kept. What security measures are in place? If you are at a colocation facility you can of course check this out first hand.
- Encrypt sensitive data. The most valuable thing that gets stolen might actually not be your hardware, but the data on them. Maybe the thieves won’t realize this, but don’t count on it.
- Make sure you have backups of important data, and do your backups frequently. In case your servers do get stolen, at least you will be able to restore the lost data once your replacement hardware is up and running.
It might be worth to keep in mind that even with great security measures in place, an office or data center might still end up getting robbed. If criminals can rob banks, they can surely gain access to a data center, as the examples above have shown.
Though this is definitely not our expertise, the fact that computer hardware is being stolen on a wide and regular basis indicates that it has good value on the black market. You therefore need to take strong precautions to protect both your servers and your data.
Also, if you are buying second-hand server equipment, you might want to try to make sure that it’s from a legitimate source. You don’t want to end up with stolen goods.