Traditionally finance and security go hand-in-hand, the image of a bank vault is one of the most commonly used to convey a sense of security and safety. The arrival of cryptocurrencies means that transactions are moving from traditional banking infrastructure into the public datacenter. Traditional currencies are of course held in highly secure vaults however how much cryptocurrency is held in truly secure datacenters? The cyber threat is something well understood and reported, however as cryptocurrencies rise how significant is the physical threat to the datacenter where the cryptocurrency is held?
Cryptocurrencies are new technologies which are challenging the status quo and that many do not understand, therefore they have challenges to achieve acceptance and trust. Leveraging the stability and credibility of a highly secure location could go some way to managing these challenges. This applies also to regulations and insurance. As the value of cryptocurrency deployments increases insurers will most likely demand much higher security standards from the datacenter.
What are some of the reasons that cryptocurrency infrastructure could be under threat from physical threats:
- Theft of monetary value
- The cryptocurrency industry is becoming a highly competitive environment, creating the motives for corporate crime
- Growing interest in and the utilisation of cryptocurrencies from the criminal community
- The potential for aggressive state resistance to wide-spread adoption of cryptocurrencies
- Standard datacenters are a “soft-target” compared to a traditional bank
- Activism or terrorism
Considering these threats, would it then not seem logical that as the monetary value of the data held within a datacenter grows, so does the potential for a physical attack?
Such attacks could be either to steal the value of the data (cryptocurrencies) or to disable the capability to process cryptocurrency transactions. In general, as datacenters become an ever more critical part of modern life and are growing in the public consciousness they will increasingly become targets.
A direct attack on a datacenter by individuals, groups or institutions clearly requires security personal and military grade physical security, for this reason some datacenters have been developed in ex-military facilities. Although this kind of direct attack on a datacenter is not yet a common occurrence, one can imagine that a standard datacenter hosting many cryptocurrency platforms could be viewed as a “soft target” in the future. Furthermore, as our ability to resist cyber-attacks grows it may well become easier to physically penetrate a datacenter to steal cryptocurrency rather than by hacking.
Drones are now bringing a new physical threat to the datacenter. Recently, in August of 2017 a service provider found a drone perched on the roof of one of its datacenters. The drone was equipped with a raspberry pi (a single-board computer that can be used for hacking), networking equipment and a radio transceiver. Threats coming from above were never considered by datacenters, however now drones can be used not only to disable a datacenter (many datacenters have critical infrastructure on their roofs) but also to hack a datacenter and its clients.
EMP attack is another physical threat which is growing in the public consciousness, it is reported recently that North Korea could use an EMP attack to target the US and other cities; www.businessinsider.com/north-korean-emp-attack-the-dark-possibility-2017-7?IR=T . It seems likely that at some point EMP will be used in or around the datacenter, especially as the size of EMP weapons has massively reduced in recent years making a specific attack on a datacenter possible. This is already a threat that has some within the cryptocurrency community thinking carefully about the locations where infrastructure is hosted.
Collateral physical damage to a datacenter is mostly dependant on the stability and security of the surrounding area, whether due to terrorism or protests/civil unrest factors such as drifting smoke/dust and security lock-down areas. Major city locations and the areas around airports are clearly not ideal locations for datacenters to provide a high level of physical security to their clients.
Concern around the physical and geographic security of datacenters has been growing in recent years as we have moved into an era of increasing global instability with many major cities experiencing civil unrest and security issues. For the cryptocurrency community these concerns are even more significant due to the monetary value and importance of their infrastructure and the growing interest in the sector from all elements of society.
About the author
Ben Wood is DELTALIS‘ Sales and Marketing Director. In a former Swiss military bunker deep inside a granite mountain DELTALIS created a highly secure environment to protect data and systems from external threats. Ben is passionate about the technology industry and has been working in sales for service providers, datacenters and vendors for over 20 years. Ben has worked for companies such as Brocade, Orange/FT, COLT and Easynet across Europe and is a UK national who speaks fluent German and Italian.