Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The attack of zombie servers

Gavin Selkirk, President of BMC Asia Pacific | March 17, 2016
Gavin Selkirk, President of BMC Asia Pacific, talks about zombie servers and its impact on businesses, particularly in the healthcare industry.

This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

With the rise in prevalence of cyber risks in Asian enterprises, business leaders are increasingly investing in innovative technologies to reduce enterprise risk and improve performance. According to the PwC, CIO and CSO Global State of Information Security Survey 2016, 87% of organisations in Asia have adopted a risk-based security framework, yielding opportunities to improve cybersecurity and produce integrated safeguards against cyber-attacks.

However, despite the increase in investment and education to mitigate cyber risks, cybersecurity remains a pressing concern for businesses in the APAC region with the rise of an overlooked danger - Zombie servers.

Zombie servers, otherwise known as "comatose" servers, are the servers lurking in enterprise networks that are consuming high amounts of power, storage and other resources without generating useful output.

According to a study conducted with Jonathan Koomey, a research fellow at Stanford University, and using data from TSO Logic, it is estimated that there are 10 million "comatose" servers running in enterprises around the world. These servers drive up IT costs by consuming energy and stealing resources from legitimate applications and processes.

The real danger lies in the fact that most businesses are unaware of the presence of the Zombies, leaving them left unmonitored. These unmonitored servers, which lack the latest security patches, open the doors to bot attacks that can paralyse the enterprise network, and security breaches that can allow hackers to steal sensitive data and other valuable corporate assets.

This is especially pertinent to healthcare IT organisations which are increasingly vulnerable to cyber-attacks. The recent Australian Health Practitioner Regulation Agency (AHPRA) data breach, for example, raised serious concerns that medical practitioners could be at risk of further fraud and unauthorised access to their personal data. Singapore too, has seen its fair share of data leaks.

As the healthcare organisations in Singapore move towards consolidating their data and building a more integrated healthcare system for Singaporeans, there is increased importance of making sure cyber security is top priority.

Healthcare IT organisations have a heightened need to hunt down Zombies because these servers put highly sensitive patient information at risk. In Singapore, healthcare organisations are subject to legislative mandates such as the Personal Data Protection Act (PDPA), which governs the collection, use, disclosure and care of personal data. Failure to comply can result in substantial financial penalties, and more importantly, the loss of a stellar reputation. The expanding use of electronic medical records (EMRs) means that health providers have an additional duty to make sure these EMRs are secure.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.