The GPS firewall for the data center - why you need it and how

 3r3173. 3r3-31. GPS data is needed not only for navigators to build routes, but also data centers for time synchronization. This feature is used by hackers when they launch attacks on IT infrastructure. We will explain what the essence of such attacks is and how the GPS firewall protects them. 3r3138.  3r3173. 3r3138.  3r3173. The GPS firewall for the data center - why you need it and how
3r3138.  3r3173.
[i] /Wikimedia / NASA 3r3159. /PD 3r33112. 3r318. 3r3138.  3r3173. 3r3138.  3r3173. 3r3116. Attacks on infrastructure are gaining momentum 3r3117. 3r3138.  3r3173. Every year attacks on the IT infrastructure of banks, airports and data centers 3r-327. are becoming frequent 3r3159. by 20%. The goal of such attacks is not the theft of money, but harming the organization’s business processes. Moreover, the final damage to the company may be greater than in the case of the ordinary theft of funds. 3r3138.  3r3173. 3r3138.  3r3173. One of the most famous examples of attacks on IT infrastructure is WannaCry encryption. By
According to experts 3r3159. , the purpose of the viral campaign was not to obtain financial benefits, but to stop the work of specific organizations (including banks). 3r3138.  3r3173. 3r3138.  3r3173. 3r3116. Types of attacks on GPS
3r3138.  3r3173. GPS data centers receive coordinated universal time (3r3433. UTC 3r3-3159.). This information is used to synchronize servers using 3r345. NTP
. Synchronization systems are needed to set time stamps and indicate the beginning and end of any process in the data center network. Failure in the GPS system can complicate troubleshooting: if the error was logged with the wrong time stamp, it complicates the search for its cause. 3r3138.  3r3173. 3r3138.  3r3173. When intruders are planning to hack data center systems, they can replace the true GPS signal from the satellite in an attempt to hide their malicious activity. This type of attack was called GPS spoofing . The substitution of a signal is possible due to the fact that it is not encrypted and is subject to environmental interference (it is easy to “block” it). 3r3138.  3r3173. 3r3138.  3r3173. Danger for GPS data center systems also represent jammer devices. They are “3r3357. muffled
»Signal from the satellite, which is why servers, routers and other equipment in the data center can not synchronize their work . Consequences of an attack with a GPS jammer on itself have tested 3r3159. at Equinix. True, it happened by chance - an old GPS-antenna was installed on the roof of the data center, which weakened the signal and seriously interfered with the normal operation of the IT infrastructure. 3r3138.  3r3173. 3r3138.  3r3173. 3r3116. How to protect against attacks: GPS firewall
3r3138.  3r3173. To protect the data center from spoofing and interference with the positioning system, the American company Microsemi developed 3r371. GPS Firewall
. Device favor as a buffer between the GPS antenna and the critical infrastructure of the data center. 3r3138.  3r3173. 3r3138.  3r3173.
3r380.
3r3138.  3r3173. The firewall implements special algorithms that evaluate the characteristics of the GPS signal: radio frequency power, the correctness of geodata and time, and so on. If the system understands that the signal does not match the desired parameters (for example, anomalies in the transmission power have been detected), then it is blocked. In this case (or in case of loss of communication with the satellites), the firewall starts the generator of the reference time - the rubidium clock (holdover mode). They maintain the performance of all systems until the GPS signal is restored. 3r3138.  3r3173. 3r3138.  3r3173. Two years ago, an error in the GPS-network broke work 3r3159. Microsemi receivers worldwide. Devices could not correctly determine the time and coordinates. 3r3138.  3r3173. 3r3138.  3r3173. Microsemi says that the atomic clock in the firewall for the data center will help to avoid problems with the synchronization of equipment in the event of a global GPS failure. However, these hours will work only for a couple of months. If during this time the GPS malfunction is not fixed, problems with the 3r-394 alignment may begin. timestamp in logs, etc.
 3r3173. 3r3138.  3r3173. 3r3-300. [i] “The GPS firewall will protect against spoofing and jamming signals, but it is important to understand that such attacks are often used by hackers as a screen. This is how they mask their malicious activities on the network, so it’s important not to forget about ordinary firewalls, says the head of the IaaS service development department 1cloud.ru Sergey Belkin. - IaaS-providers who place their equipment in data centers, just offer such a service. For example, our customers can connect to a firewall that will protect the infrastructure. at the network level 3r3159. . In the near future, the feature will be available and
at the server level 3r3159. . The system closes attack vectors such as
MITM 3r3159. or
IP spoofing
". 3r33112. 3r3113. 3r3138.  3r3173. 3r3116. About other ways to protect
3r3138.  3r3173. The algorithm for detecting GPS spoofing is also 3r3-3120. developed 3r3159. researchers from the University of Texas at San Antonio. Their solution compares the time of the incoming GPS signal with previous figures. If a substitution of parameters is detected, the system informs the data center operators about this. 3r3138.  3r3173. 3r3138.  3r3173. Another option for protecting geolocation systems is encryption. In Russia, to protect GLONASS, it was suggested to use high-precision signals (BT code) instead of standard ones. They are protected by constantly changing classified codes. However, this solution has not been applied, since the use of the BT code possible only with the permission of the RF Ministry of Defense . 3r3138.  3r3173. 3r3138.  3r3173. Probably in the future there will be other technologies to protect the systems for determining the time and coordinates in data centers. Or they will be transferred to fully autonomous solutions, which will be less dependent on external factors. 3r3138.  3r3173. 3r3138.  3r3173.
Other posts from our corporate blog:
3r3138.  3r3173. 3r33140.  3r3173.
3r3143. The evolution of cloud architecture 1cloud: the complexity of modulating
3r3-3160.  3r3173.
3r3148. Why do we need monitoring?
3r3-3160.  3r3173.
Than rented infrastructure better than the usual "iron" 3r3159. 3r3-3160.  3r3173.
3r3158. How to ensure data security in the cloud
3r3-3160.  3r3173. 3r3162.
3r3173. 3r3173. 3r3r1616. ! function (e) {function t (t, n) {if (! (n in e)) {for (var r, a = e.document, i = a.scripts, o = i.length; o-- ;) if (-1! == i[o].src.indexOf (t)) {r = i[o]; break} if (! r) {r = a.createElement ("script"), r.type = "text /jаvascript", r.async =! ? r.defer =! ? r.src = t, r.charset = "UTF-8"; var d = function () {var e = a.getElementsByTagName ("script")[0]; e. ): d ()}}} t ("//mediator.mail.ru/script/2820404/"""_mediator") () (); 3r3167. 3r3173.
3r3173. 3r3173. 3r3173. 3r3173.
+ 0 -

Add comment