More subtle than cyber attacks, what if nation states could compromise hardware before it is delivered, so it will pass information or obey remote instructions? In the 1990s, the US government failed in a bid to mandate the use of the Clipper chip, an encryption device designed with a “backdoor” that would give US authorities access to all communications. In 2013, Edward Snowden revealed that much the same job was being done by intercepting and doctoring networking equipment.
Suspicion has since shifted to China, an authoritarian regime where most of the world’s computing hardware is made. Huawei, ZTE and Lenovo have all been alleged to have included backdoors, while Bloomberg claimed in a contested report this year that some servers made in China for Supermicro carry a surveillance chip implanted by the People’s Liberation Army.
China has long engaged in state-sponsored cyber attacks, while Russia has gained attention for its use of disinformation and asymmetric warfare.
In September, the Netherlands expelled four men, alleged to be members of a GRU Russian military intelligence unit called Sandworm, which attacked sites including the Organisation for the Prohibition of Chemical Weapons, the UK’s Foreign Office, and Porton Down chemical weapons facility. Russia denies the allegations.
Earlier in 2018, a group of thirty dissident students ransacked the server room at the Paul Valéry University in Montpellier, France, to prevent their fellow pupils from sitting their second term exams. These were to be hosted on the campus’ systems running the open-source learning platform, Moodle.
The vandals were protesting a tough change to the university admission process, known as “la loi orientation et réussite des étudiants (ORE),” which they argued would deter otherwise suited candidates from applying for their desired course, leading them to fall back on safer, but perhaps less aspirational pathways. The university reported €300,000 ($384,000) of damage, a large share of which was due to the IT equipment being destroyed, but also included broken chairs, tables, and the cost of cleaning up graffiti.
There is no legal requirement to report a cyber crime, but observers were shocked at the irresponsibility of Uber, which covered up an incident in 2016, paying off hackers who accessed the data of 57 million of its users, as well as 600,000 US drivers. In late 2017, newly appointed CEO Dara Khosrowshahi reported that he “recently learned” that hackers were paid $100,000 to delete the data, and Uber then failed to inform users or relevant authorities. Ousted co-founder Travis Kalanick was allegedly aware of the incident at the time.
Large numbers of corporate servers are hijacked to mine Bitcoin and other cryptocurrencies, with their owners left footing massive electricity bills. This crime category has been enabled because mining new cryptocurrency ‘coins’ is an energy-intensive, marginally-profitable process that involves complex mathematical operations. Running those operations on someone else’s server shifts the energy cost to someone else. It’s no surprise that crypto jacking overtook ransomware as the leading malware in early 2018, according to BitDefender.
The high cost of copper has made data centers and telecom infrastructure prime targets for scrap metal thieves after their cables. In South Africa, R5 billion (US$340m) is lost each year in copper thefts, such as the audacious raid on the City of Johannesburg’s data center in November 2017. Four suspects were caught, after R2m (US$137k) worth of copper cables were taken.
Four men have been charged with a series of thefts at cryptocurrency-mining data centers in Iceland, after a dramatic series of events in which one suspect, Sindri Thor Stefansson, escaped jail and briefly fled to the Netherlands.
Iceland’s cheap renewable power has made it a Mecca for Bitcoin mines. These shoestring facilities often lack features of business-grade data centers including high security, making them a target for a gang which stole 600 servers worth almost $2 million in a late 2017 crime spree, whose targets included high profile victims such as Advania in Reykjanes, and the Borealis data center in Borgarbyggð.
Some years back, a giant cannabis farm was reportedly found at a data center, in a joint operation involving police and IT experts. False fronts on the racks hid hydroponic growing systems and LED lighting. "It seems the legitimate business of the company was being used as a smokescreen for the real operation," said a police spokesperson. “Data centers are the ideal cover. They use lots of power, generate lots of heat, are highly secure, have powerful air filtration and plenty of room - and network operatives always act a bit stoned anyway."
In this instance, the guilty party is in fact news site ZDNet, which published this unlikely story on April 1.
We’re not aware of anyone succeeding at data center arson, but DCPro trainer Ian Bitterlin has a few pointers on how to do it: “Walk round the outer perimeter of the property noting the location of the fiber pits and return later that night with a few chums each in a white van and armed with a balaclava, a few gallons of unleaded and a box of matches. Grenades would be better but my local garage doesn’t sell them,” he said in an entirely-theoretical opinion article. “Whip up the cast-iron pit lids, dump the petrol and, like it says on the firework boxes, ‘light and quickly retire.’
Government efforts to support data centers and boost depressed areas can go wrong. In the UK, 675 people invested £79 million in 2011 in Cobalt data centers in Tyneside, and received £131 million in tax relief: they included footballers and celebrities Wayne Rooney, Jimmy Carr, Rick Parfitt, Kenny Dalglish, Roy Hodgson, Terry Venables, Arsene Wenger, and more. But the data centers were just unused shells. Apparently they did not break any laws, but are being chased for tax payments, after a crack down on “aggressive” tax avoidance schemes.
This article appeared in the October/November issue of DCD magazine. Subscribe for free today: