Securing generative AI starts with sustainable data centers

Enterprises are increasingly experiencing attacks on their artificial intelligence (AI) infrastructure, with 41% having experienced an AI privacy breach, according to an August 2022 Gartner report. Twenty-five percent have experienced malicious, intentional attacks on their AI systems and infrastructure. Cyberattacks aimed at AI infrastructure most commonly focus on data poisoning (42%), adversarial samples (22%) and model stealing (20%). 

Despite the growing number of cyberattacks aimed at their AI infrastructures, enterprises are becoming more prolific in designing, testing and deploying models. Seventy-three percent have deployed hundreds of models into production, and large-scale enterprises have thousands of models today. 

CIOs and CISOs, especially in banking, finance, infrastructure, manufacturing and professional services — where models are increasing the fastest — tell VentureBeat they have concerns about keeping up from a security standpoint with the proliferation of models in development and actively deployed. 

Generative AI and machine learning (ML) model security and risk management is a board-level discussion across all industries. The senior management teams of infrastructure, manufacturing, and professional services are focused on gaining greater insight into risks using AI and machine learning.    

“Understanding vulnerabilities and gaining insight at both the site and enterprise level will help enable faster and more informed decisions to better defend against cyberattacks, reduce potential downtime and create a safer environment for our employees,” Chase Carpenter, Honeywell chief security officer, told VentureBeat.

Data centers are a high-value AI target 

Too much focus on cost reduction alone without sustainability designed into data center infrastructure leaves them vulnerable to cyberattacks that capitalize on weak points in infrastructure. Reducing energy costs without a sustainable long-term plan delivers short-term cost savings, but leaves a data center vulnerable to attacks that can shut an entire facility down. 

Examples include attacking cooling systems, disabling air flow, and damaging servers, CPUs, and GPUs. Another is assuming web servers, VPN appliances and endpoints are protected without investing in microsegmentation or endpoint security to protect them.  

“Cyberattacks from Advanced Persistent Threat (APT) groups that are state-sponsored are ramping up this year; we can see it in our monitoring data,” confided the CISO of a utility provider doing extensive generative AI and ML model development. “We used to see our data centers get attacked sporadically, but now it’s a steady stream of state-sponsored attacks looking to penetrate data centers and see what new AI-based monitoring technologies we have under development.”  

The utilities CISO says the Chinese cyberattacker group APT41 is active across global utility power grids and is actively looking to gain new generative AI and Ml technologies. Their attack strategies concentrate on using phishing emails and malware to gain access to the networks of power companies and grid operators. 

They’re most known in the utility industry for their 2019 cyberattack on data center providers in Asia, and the U.S. APT41 hackers exploited unpatched vulnerabilities in VPN devices, unprotected endpoints and web servers that weren’t protected with basic cybersecurity or zero trust hygiene. APT41 exfiltrated data, including intellectual property, AI and ML model development underway, and patents under development with Asian-based research institutes.

Sustainability needs to deliver stronger cybersecurity

With data centers under attack for the valuable generative AI and ML models under development and deployed, a one-and-done mentality never works. CISOs of banking and financial services firms whose data centers see regular state-sponsored attacks say it’s possible to improve sustainability and cybersecurity simultaneously. 

“We’re taking a holistic approach to the challenges of becoming more sustainable and hardening our data centers and their many integrations points back to DevOps and engineering,” said the CISO of a professional consulting firm whose clients are in banking. Staying in compliance with broader sustainability initiatives is essential to continually win new business in the years ahead. So is keeping a data center hardened enough so its physical infrastructure can’t be attacked.

Here are the four strategies learned by CISOs and CIOs who have experienced data center breaches aimed at their generative AI and ML model development: 

Gain greater visibility across every data center asset, including energy usage first.

It’s common knowledge that most enterprises don’t know where 40% of their endpoints are at any given time. In a data center, that’s a breach waiting to happen. CISOs tell VentureBeat that getting real-time visibility of every endpoint and its specific asset management profile is invaluable in helping to alleviate a breach. Tracking the energy consumption of an asset, including the segment of server blocks across their data center floors, helps provide insight into unusually high activity, which could signal the need to upgrade, repair, or replace servers. 

Microsegment every physical system the data centers rely on – and optimize their energy spend.

APT41 is known for its expertise in attacking data center cooling systems and driving the temperatures so high that CPU, GPUs, and server silicon risk being destroyed. In retrospect, CISOs tell VentureBeat that micro-segmenting the industrial control systems (ICS) that control heating, cooling, environmental conditions, fault-tolerant batteries and backup systems are a must-have. Assume a breach has already happened and HVAC, environmental and power systems are compromised to harden a data center enough to withstand another attack. 

From a sustainability standpoint, every CIO and data center team VentureBeat interviewed for this article says they are advanced in using AI- and ML-based tools to analyze energy usage by asset type and group. What’s missing are insights into how all assets across a data center can be better orchestrated to reduce carbon footprints and how all data centers can be viewed in aggregate to reduce their environmental impact. Boards of directors want the roll-up view of how data centers are progressing towards sustainability and environmental, social, and governance (ESG) targets, and often, CIOs have their teams doing this manually every quarter.

Real-time monitoring is table stakes for making progress on sustainability and cybersecurity.

What was once considered optional and sometimes procrastinated about because of its expense is now the core of an effective sustainability and cybersecurity strategy. CISOs whose data centers have been hacked say that if they had real-time monitoring on every server, asset, endpoint, and power source, they could have identified the intrusion faster and had a chance to stop the breach. The more accurate the telemetry data real-time monitoring provides, the better the threat modeling and models to identify anonymous activity that could indicate an intrusion. Real-time data is the lifeblood of sustainable and secure data centers.

Consolidate data center tech stacks to gain greater efficacy and sustainability.

Data centers that get hacked have complex security tech stacks that experienced cyber attackers know how to find gaps in. It’s common to hear a CISO with a data center breached say that the cyber attackers seemed to know their network better than the admins managing them. VentureBeat has learned that more banking, financial services and professional services firms are basing their consolidation strategies around extended detection and response (XDR). Ninty-six percent of CISOs plan to consolidate their security platforms, with 63% saying (XDR) is their top solution choice. Gartner predicts that by year-end 2027, XDR will be used by up to 40% of enterprises to reduce the number of security vendors they have in place, up from less than 5% today. An attribute all XDR leaders have is deep talent density in AI and ML across their teams. Leading XDR platform providers include Broadcom, Cisco, CrowdStrike, Fortinet, Microsoft, Palo Alto Networks, SentinelOne, Sophos, TEHTRIS, Trend Micro and VMWare.   

By consolidating tech stacks, XDR also contributes to data centers achieving their sustainability goals. Reducing data centers’ energy consumption and carbon footprints by eliminating redundant security tools and streamlining security operations is key to a successful tech stack consolidation. XDR’s use in data centers is proving effective in improving resilience and reliability by providing faster and more accurate threat detection and response. XDR is helping data centers save up to 50% of energy costs and reduce CO2 emissions by up to 85%. Additionally, XDR can improve the performance and availability of data center applications by minimizing downtime and disruption caused by cyberattacks.

Hardening data centers is core to generative AI’s future. 

Four strategies deliver the most practical value in securing data centers immediately, according to CISOs who have lived through an intrusion and breach attempt. For the utilities CISO being routinely scanned and probed by state-sponsored actors, the need to be vigilant and make the four strategies core to their operations is key. Real-time data and XDR are helping keep intrusion attempts out, and microsegmentation protects HVAC, power, and related subsystems. Data centers whose enterprises are known for generative AI and ML expertise are targets today. From the interviews VentureBeat has had recently, nation-state attacks are ramping up with a primary focus on power grids and related technologies.