Home Insight Managing cyber security risk in an HPC environment

HPC isn’t new, – just as data isn’t new. Scientists have been using both for a long time. But the amount of data we collect has grown exponentially in the last few decades and it’s no longer just the realm of scientists. These days, data is big business.

Unfortunately, that fact hasn’t escaped the notice of cyber criminals, who are equally keen to prosper from what some are calling the 21st century goldrush.

HPC and Cyber Security Header Image

With analysts predicting that there will be 163 zettabytes* of data in the world by 2025, we’re likely to see a more general rollout of high performance computing (HPC) to enterprise users. Anyone who has sat waiting for a data-dense file to load, the beachball/hourglass spinning as the red mist descends, will know that the human race could not withstand more data with no more compute power. 

[Learn more about how HPC is affecting data centres]

Fortunately, HPC gives you the ability to perform a number of process-heavy tasks at once, or one very onerous task much, much more quickly than you could with a typical dual core processor. That’s because a high-performance computer is a cluster of cores – GPUs and CPUs, aggregated according to your needs – all networked together to enable you to make the most of all that processing capacity.

*163 zettabytes looks like this: 163 000 000 000 000 000 000 000

However, the rise of HPC creates new targets for hackers to attack, and an increased tool box for them to work with.

Data gold – the bounty that hackers want to get their hands on

Data is knowledge. Knowledge is power. Power is money. When you break it down, it’s that simple.

Whether it is passwords, account details, or information that hackers can use to extort their victims, there is a lot of knowledge, power and money wrapped up in data. And there is a mass of data stored in HPC systems. This makes them a valuable target for cyber criminals who can steal this data either for their own use or to sell on to others.

HPC in the hands of hackers

What did I say before?

‘HPC gives you the ability to perform a number of process-heavy tasks at once, or one very onerous task much, much more quickly than you could with a typical dual core processor.’

Fantastic for arduous data processing tasks like checking accounts for fraudulent activity – even better for running password-cracking software in order to actually commit fraud.

If HPC is good for business, it’s good for cyber criminals – better in some ways, as there is almost no limit to what criminals can achieve with the additional computational power of HPC. Imagine a DDOS attack orchestrated via HPC? The force of such an attack would be staggering.

And since your average cyber criminal is unlikely to be investing their bounty in an HPC set-up of their very own, we have to assume that they are hacking into someone else’s system. In fact, HPCs are as much a target for misuse as they are for theft.

Protecting against HPC cyber attacks

Since there is a serious risk of HPC being misused, even if you’re not interested in using HPC at all, it still needs to be factored into your cyber security decisions.

Here’s what you can do to protect your IT systems against HPC deployed attacks:

  • Secure Passwords – More important than ever; the increased power of HPC means attackers will be able to attempt automatically guessing passwords even faster. The increase in guesses means it’s much more likely that using “Password123” will lead to your accounts being compromised.
  • Backups – No matter what sophisticated technology is deployed against you, you can always recover your system if it is backed up in a different location. So even if you have a data breach, a proper system-recovery plan can allow you to continue business as usual. 

[Learn more about Managed Backup services]

  • Stay informed – As the technology of HPC advances, it will cause new issues and problems, but we will also have new solutions being developed all the time. Keeping up-to-date with the latest news will help you keep your company secure against HPC attacks.

[Read our blog: Cyber Security and the Quantum Decryption issue]

Vulnerability Scan sample example report

Protecting your HPC against cyber attacks

Like all cyber security, protecting your HPC cluster from cyber attacks is a process; it can’t be achieved with one great product. And though there are many similarities with regular cyber security, there are also some differences to take into account. For example, many HPC clusters are built for open international collaboration. Typical security solutions might hinder or even prevent legitimate data transfer. In addition, ownership of data can be geographically dispersed, with different users taking a different approach to security – it’s very hard to manage risk in this environment. It only takes one compromised node to render the entire cluster vulnerable. That being said, there are ways of configuring security to minimise risk and optimise response. For example:

  • Create network segments to separate different services within the cluster. It is then possible to have a network within which data can be shared without having to connect to the internet. This also minimises instances of cross-contamination between nodes. These network segments are sometimes referred to as DMZs (demilitarized zones).
  • Implement specialist authentication software designed for HPC users. Multi-factor authentication may not work with so many international collaborators but things like single-use passwords (with sufficient life) can minimise the chances of an HPC cluster being penetrated by cyber criminals.
  • On-premises HPC setups are typically used for repetitive tasks. Monitoring these systems for unusual activity is a simple way of spotting a cyber attack.
  • Encryption can be a useful way of protecting data, but it should be used strategically or it will impede HPC performance.

HPC cyber security is evolving. In the meantime, both HPC and non-HPC users should implement tried and tested cyber security protocols, such as having a comprehensive security strategy and incident response plan, performing regular audits to measure and maintain effectiveness, making use of firewalls and anti-virus software and generally observing good overall cyber hygiene.

4D's HPC Capabilities

Across the UK, our data centres have been uniquely built for high density deployments, and our infrastructure reflects this.   All our racks are equipped with power supplies capable of hosting anything up to ultra-high density (around 40kW) without any additional power installation requirement.  The latest rear-door cooling technology comfortably copes with the cooling requirements of a HPC rack and can be installed upon request onto any of our existing racks.

4D’s high and ultra-high density capabilities provide a leading-edge HPC standard that can seamlessly integrate across other systems and services.

If you’re considering hosting HPC within a data centre, please get in touch with 4D or call us on 020 3962 0399 to explore our HPC solutions and how we can best help your company.

data centre checklist colocation banner