"Zombie" Servers – A Cybersecurity Crisis Looming?
Many servers currently deployed are at heightened risk of cyberattack. The reason? These servers are zombies.
By popular definition, a server is considered a “zombie” when it is unused, disused, or unproductively used. It’s no coincidence that zombie servers and neglected servers are often one and the same. Zombie servers are among the most vulnerable to being compromised because they receive precious little IT department attention – it is the cause and result of their zombie condition.
Think about it this way: if you leave a cash-filled wallet unattended on a park bench, how long before it disappears? The longer you leave it there, the more likely it is that you won’t get it back.
One recent instance proves this point. It involved a documented attack on a US-based corporation by a nation state that sought to access national security information. The post-attack forensic analysis indicated that the breach took place on a zombie – a server that had been set up for a one-off advertising campaign and then disregarded upon the campaign’s completion. The wallet, it seems, was left on the bench for too long…
Up to now, zombie server “hunts” – coordinated efforts to identify and de-commission under-used servers – are usually justified by perceived cost savings from reducing energy use, software licenses, data center space utilization, and operations budget. Those are legitimate benefits to culling your zombie burden, but the best reason may be to reduce the security vulnerability these under-utilized severs pose.
Industry statistics suggest that, dozens of times per minute, each web server experiences some type of security event. Whether these events involve reports being scanned or a server being profiled for potential attack – or worse – the cyber bad guys are constantly snooping around.
Extend this cyber-snooping activity over the course of a calendar year, and it adds up to more than 47 million security events per year on a single server. Take that reality, and then add another factor: even in a well-run shop, there is a vast amount of server waste (under-utilization) in an enterprise environment.
The Green Grid is researching best practices for hunting and eliminating various types of these zombie servers. Security is an emerging reason The Green Grid is working to establish a technical roadmap to help organizations plan and execute zombie server hunts.
Get involved today by joining The Green Grid and contributing to the cure for zombie servers.