The attack of zombie servers
By Gavin Selkirk April 11, 2016
- Zombie servers consume resources without generating useful output
- The real danger, however, is that they are unmonitored and vulnerable
WITH the rise of cyberthreats in Asian enterprises, business leaders are increasingly investing in innovative technologies to reduce enterprise risk and improve performance.
According to the PwC, CIO and CSO Global State of Information Security Survey 2016, 87% of organisations in Asia have adopted a risk-based security framework, yielding opportunities to improve cybersecurity and produce integrated safeguards against cyber-attacks.
However, despite the increase in investment and education to mitigate cyber-risks, cybersecurity remains a pressing concern for businesses in the Asia Pacific region with the rise of an overlooked danger – zombie servers.
Zombie servers, otherwise known as ‘comatose’ servers, are the servers lurking in enterprise networks that are consuming high amounts of power, storage and other resources without generating useful output.
According to a study conducted with Jonathan Koomey, a research fellow at Stanford University, and using data from TSO Logic, it is estimated that there are 10 million ‘comatose’ servers running in enterprises around the world.
These servers drive up IT costs by consuming energy and stealing resources from legitimate applications and processes.
The real danger lies in the fact that most businesses are unaware of the presence of the zombies, leaving them unmonitored. These unmonitored servers, which lack the latest security patches, open the doors to bot attacks that can paralyse the enterprise network, and security breaches that can allow hackers to steal sensitive data and other valuable corporate assets.
This is especially pertinent to healthcare IT organisations which are increasingly vulnerable to cyber-attacks. The recent Australian Health Practitioner Regulation Agency (AHPRA) data breach, for example, raised serious concerns that medical practitioners could be at risk of further fraud and unauthorised access to their personal data.
Singapore has already seen its fair share of data leaks. As the healthcare organisations in Singapore move towards consolidating their data and building a more integrated healthcare system for Singaporeans, it is increasingly important to make sure cybersecurity is a top priority.
Healthcare IT organisations have a heightened need to hunt down zombies because these servers put highly sensitive patient information at risk.
In Singapore, healthcare organisations are subject to legislative mandates such as the Personal Data Protection Act (PDPA), which governs the collection, use, disclosure and care of personal data. Failure to comply can result in substantial financial penalties, and more importantly, the loss of a stellar reputation.
The expanding use of electronic medical records (EMRs) means that health providers have an additional duty to make sure these EMRs are secure.
Call to action
The majority of IT organisations lack clear visibility into their IT environments. Many of them have zombies and unauthorised software hidden in their networks, driving up costs and wreaking havoc on security and compliance.
To eradicate this problem of zombie servers, businesses can utilise tech tools such as discovery and dependency mapping solutions.
This is especially essential in the healthcare industry to ensure the security of the vast amounts of sensitive data handled.
With discovery and dependency mapping solutions, businesses gain the visibility they need to track down and eliminate these culprits and bar them from entering their networks.
So, how many zombies are in your data centre?
Gavin Selkirk is president of BMC Asia Pacific.