Data Centers and IoT: There's No Such Thing as a Free Lunch
by Karen Riccio
The Internet of Things (IoT) has gone
from a concept not many people grasped clearly, to a tangible, living and
breathing phenomena on the verge of changing the way we live—and the way data
centers strategize for the future.
At least, data center managers better develop
new strategies for handling the IoT and all the data that could overwhelm
What does the volume of data
look like: In the past five years, traffic volume has already increased
five-fold; and according to a 2015 study by Cisco, annual global IP traffic
will pass a zettabyte and surpass 1.6 zettabytes by 2018. Non-PC
devices—expected to double the global population by that year—will generate
more than half that traffic.
That spells trouble
with a capital “T”. The global growth of data is creating the need for wider information
networks and sufficient security controls. Each new IoT connected device
potentially creates a new point of vulnerability.
You might recall a very real-world illustration back on Oct. 21, 2016, when
many of the 3 billion Internet-addicted people across the globe weren't able to
access social networks, download movies or do much of anything thanks to
a DDoS attack. But this was unlike others.
A DDoS, or Distributed Denial
of Service attack, is usually achieved when a hacker(s) bombards a server with
so many requests in such a short amount of time that it simply crashes. It’s no
different than when a site crashes from too little bandwidth and too much
traffic, only this is done intentionally. Even the largest servers, across the
widest networks, with the best cybersecurity software in place can fall victim
when done on the largest of scales.
One reason the hackers
were able to affect so many websites is because they targeted an actual
DNS provider (domain name server), in this case a company called Dyn—otherwise
it would be impossible to coordinate such a high-scale attack.
That’s not the first
time a DNS provider has been targeted—and unfortunately—won’t be the last
And, while DDoS attacks have been around for
quite some time, this latest one that brought down the likes of Amazon,
Spotify, Netflix, PayPal, Twitter and many others, had a new and very troubling
nuance. Experts believe hackers tapped into all those intelligent devices
connected to the Internet, or the Internet of Things (IoT) as you know it, to
help pull off the massive outage.
The attack on Dyn was
unique in that IoT devices – including Internet facing cameras, home routers,
baby monitors, and more – were used as part of 10s of millions of IP addresses
that were infected, connected to a malware-based botnet called Mirai, and then
used to attack Dyn’s network of servers. Mirai used brute force to attack
IoT devices in order to break into the millions of devices on the Internet,
which are poorly guarded, rarely patched, and easy to commandeer with their
default or easy-to-guess passwords. And there are a lot of IoT devices out
there, and a lot of companies working on creating even more IoT devices.
But, the real story isn’t about the titans of
the industry who were taken down in this attack – it’s about everyone else.
Millions of other smaller domains were in this tsunami-sized path of digital
destruction and businesses got crushed. Despite the associated risks, almost
every CIO reading about this latest attack likely figures that these hackers
"only go after the big guys" or "our company isn’t famous enough
to get on a hacker’s radar" – think again.
A mid-year 2015 study by Hewlett Packard
reported that of the 10 home-based devices it tested (including door locks,
thermostats and TVs), 80 percent didn’t require strong passwords and 70 percent
had security holes. In fact, the devices—some of which will be used in
industrial settings—averaged 25 security flaws each.
Keep in mind, too, that this group of hackers
wasn’t going specifically after money, or ransom, or personal identifications;
they simply did it to upset the proverbial apple cart—and that they did.
Internet outages still disrupt business and can be very costly.
According to Kaspersky’s “Global IT Security
Risks Survey 2015 – DDoS Attacks” report, an average damage range of $52,000 to
$444,000, depending on company size. Less quantifiable injuries include
reputational damage and temporary loss of access to critical business
information. Nearly 40 percent of those affected couldn’t perform their core
functions. Additionally, one-third of the companies surveyed told
Kaspersky they lost contracts and opportunities because of the attacks. Almost
as many saw their credit rating decline, and 26 percent reported increased
So, we’ve got nothing short of a crisis on our
hands, one even bigger than originally suspected, and absolutely no budget
constraints for what companies across every industry and private and public
sectors can spend on securing our businesses, personal lives and national
In 2015, companies spent $75 billion on
cybersecurity and lost $300 billion. According to Markets and Markets, IT
security spending will soar to $101 billion in 2018 and hit $170 billion by
In his Data Center World
session, "Data Centers and IoT: There's No Such Thing as a Free
Lunch," on April 4 from 10:45-11:45 a.m., Chris
Crosby, CEO of Compass Datacenters, will identify and discuss the problems
associated with current networks in relation to the IoT. He will also present
the framework for planning for IoT implementation from a security perspective,
as well as discussing the new emerging security model that can enable IT to
maintain network security while increasing the scope of IT implementations.
From a data center operations perspective, the IoT translates into billions of
tiny packets from billions of devices. Just a few short years ago, we would
have referred to these as Denial of Service attacks, and now data center
professionals must develop infrastructures that are able to process this
information in real time or it loses its value,” Crosby explained.
For example, he referred to how a company’s
IoT-based, just-in-time inventory system would suffer serious consequences if
there were very long delays in its ability to track the location and volume of
In order to prevent such delays, Crosby sees
growth in more stratified structures in which data, and its processing
component, are moving as close to user groups as possible in terms of edge and
(small but growing) micro data centers.
“IoT is outstripping the capability of many
in-place data centers and driving the evolution to more stratified
architectures,” he said.
Data Center World -
Global 2017 runs from April 3-6 at the Los Angeles Convention Center. For more
information on the event and a detailed look at the educational sessions, visit datacenterworld.com.