Greetings and welcome back! This month we look at something that we have been predicting for some time, a Cyber Attack Using Rack PDU’s as a Backdoor to Server Data. There was an excellent article on this in Identity Week last month. In this article, it discusses an attack on DDoS protection firm Staminus. In this attack, the intruders managed to do all of the following:
- Bring down Staminus’ entire network
- Reset routers to factory settings
- Stole Staminus’ databases and dumped the contents online
The attackers were brazen to say the least as they actually posted how they hacked Staminus with an online post. The two key factors they mentioned in their attack were:
- Use one root password for all the boxes
- Expose PDUs to WAN with telnet authority
The first mistake is all-too-common for any type of equipment. If you use the same password for everything, a hacker only needs to break it once and they are in. The second problem is the specific reason that we built RackGuardian. Here, they used an open Telnet port on rack PDU’s to gain backdoor access into the servers in the rack. I will add that, whether a hacker uses Telnet, FTP or SNMP, each of these ports is normally open on a rack PDU and each has minimal security.
So what can you do once you gain access into a rack PDU? Plenty! You can immediately traverse to the servers in the rack if they are on the same sub net. If they are on a different subnet, you will first need to go to the switch and then back again. In this case, its not clear which they did as they also had the open passwords on the switches and routers.
The long and short is that a rack PDU makes a perfect camoflauge as a sniper nest to extract data from a server without easily being observed. After all, who expects data to be coming from a rack PDU?
The moral of the story is clear: You MUST secure your rack PDU’s and RackGuardian is the only product that is specifically built with this purpose in mind. Cyber Attack Using Rack PDUs is a real threat to every organization. RackGuardian does all the things that you need to protect your rack systems from harm. It plugs into the Ethernet ports of your Rack PDU, UPS and other systems and it provides full monitoring of the power and environment in your rack – while it secures all of your rack power and environmental systems from being used as hacker targets.
Think about this and, we would be more than happy to have a confidential conversation about how to protect your rack systems.
Until next time,