Mar 16 2009
Just imagine it: your web site is down, you can’t reach the server, you can’t reach the router, the guys at the datacenter aren’t answering the phone, what the heck is going on? You get in your car and drive down to the datacenter and as you drive up you notice all the police cars in the parking lot. Walking into your datacenter, you learn that thieves have broken in over night and made off with your hardware as well as that of half a dozen companies in the same datacenter. Sound too ridiculous to be true? Last.FM found out last week that steel doors aren’t enough to keep determined criminals from breaking into your datacenter.
Last week a Level 3 datacenter in London was broken into by some very tech savvy criminals. They battered down an external fire escape door, a door to the datacenter floor and the door to Last.fm’s suite. The thieves were caught as they tried to take Last.fm’s 6500 series router, but had done a lot of damage in the mean time. And apparently this isn’t the first time that the same datacenter has been broken into.
Level 3 isn’t the only datacenter to fall victim to this type of assault. Masked thieves broke into a datacenter in Chicago in 2007, and not for the first time. They’ve assaulted datacenter personnel and broke through walls on separate occasions to steal servers. If they’d been as smart as the criminals in London, they would have gone for the routers and firewalls, which are pound for pound much more valuable and probably easier to sell on the black market than the servers.
Datacenters may need to step up security measures as criminals begin to realize exactly how valuable the equipment in datacenters is. Even smarter criminals may realize that while the servers and routers are worth a lot, if they can find servers with credit card information on them, they may be able to hit an even bigger jackpot. Personally, I have to think that there has to be an insider, whether a datacenter employee or a client, who’s involved with the criminals and telling them what systems to hit. There’s too many security measures in place to break into a datacenter without some sort of insider knowledge.
Do you visit your datacenter at least annually to review it’s physical security? If you’re a merchant who’s undergone a PCI assessment, the answer had better be ‘yes’. But the best physical security you can afford, might not be enough as criminals get bolder. If they’re willing to break down doors and hold datacenter personell at gun point, there may be nothing you can do but make sure you have a good set of backups and a disaster recovery site at a different datacenter.