A surge of cyberattacks against cloud service providers (CSP) and managed services providers (MSP) have recently been documented in the wild. Reports say that the attacks on data centres were orchestrated by attackers attempting to abuse flaws to access systems and data owned by government agencies and corporations worldwide.
Analysts regard data centres as a significant target for cyberattacks since they are essential to most enterprises’ supply chains. An analysis of the recent cyber campaign targeting the sector showed that several data centre customers, such as Amazon, Walmart, and Alibaba Group Holding, have been impacted by the incidents.
The countries mostly targeted with data centre attacks include the US, the UK, China, Australia, Canada, Switzerland, and New Zealand.
Two large data centres have allegedly been recent targets in this campaign.
Our iZOOlogic threat monitoring team discovered two posts in an underground forum claiming separate cyberattacks on GDS Holdings Limited (Nasdaq: GDS) and ST Telemedia Global Data Centres (STT GDC).
The attack on GDS Holdings Limited (Nasdaq: GDS) was claimed by a threat actor under the name ‘minimalman,’ saying that they acquired the company’s database with about 2,000 client information and other data.
On the other hand, the attack on ST Telemedia Global Data Centres (STT GDC) was claimed by a threat actor named ‘chubikovich.’ In this alleged attack, the attacker stated to have stolen 1,210 customer information and other data.
While Nasdaq: GDS have yet to comment on these attack allegations, STT GDC released a statement last February 1 to refute some claims. The company clarified that the purported stolen data from its customer service portals do not pose risks for its data centre operations and IT systems since they have not been valid for some time, deeming them ineffectual to the attackers.
According to security analysts, the attacks on data centres worldwide mainly focus on stealing information related to customer email account credentials, ticket management, support portals, customer service, remote management services, and employees.
Due to these incidents, companies’ security managers are urged to upgrade their OT and IT supply chain security to increase its effectiveness and lessen the chances of being compromised by attackers.
