Intentional EMI Leapfrogs Modern Data Center Defenses
Modern data centers have sophisticated systems in place for multi-layer physical access control and security against a host of physical threats, and for ensuring cyber security. They apply systematic methods for electronic intrusion detection/denial. The Uptime Institute defines the resiliency of a data center as a combination of Design Topology (Tier Status) and Operational Sustainability1, with the latter category accounting for approximately 70 percent of all site failures.
In recent years, a newly recognized phenomenon has emerged as a growing threat to the operational sustainability of non-military data centers and a host of other civilian infrastructure facilities that rely on electronic data processing and storage. This phenomenon is intentional electromagnetic interference (IEMI).
The IEMI threat can leapfrog modern data center physical and cyber defenses, shut down support systems, disrupt center operations, corrupt data, and even damage circuit elements and thwart digital forensics if the electronic interference levels are strong enough.
The formal definition of IEMI is “Intentional malicious generation of electromagnetic energy introducing noise or signals into electric and electronic systems thus disrupting, confusing, or damaging these systems for terrorist or criminal purposes.” 2
The Department of Homeland Security (DHS)3 divides critical civilian infrastructure into 18 categories, all of which have varying degrees of vulnerability to IEMI. Two of the categories-information technology and banking/finance-encompass data center technology directly, and most of the other DHS infrastructure categories have significant data center elements. The IEMI threat to electronic systems has quickly evolved from laboratory and military applications into a peril that is readily available to a host of potential domestic and international perpetrators of damage to data center and other infrastructure, such as criminals, disgruntled employees, and terrorists. This threat is currently the subject of intense scrutiny by business continuity/disaster recovery professionals, and those responsible for ensuring regulatory compliance for data integrity and security.
Fortunately, for this class of electronic threats, there exists a graduated set of technical and procedural remediation approaches. The incorporation of IEMI protection into data center design and operation will soon be as commonplace as current physical and cyber security measures.
The IEMI/RF Weapon Threat
IEMI includes a number of closely-related technologies that are best known by their acronyms. These include:
- Non-nuclear electromagnetic pulse (NNEMP, N2EMP)
- Radio-frequency weapons (RFW)
- High-power microwave (HPM)
- High-intensity radiated fields (HIRF)
- High-power electromagnetic (HPEM)
- Man-portable or vehicle-borne EMP
IEMI is silent, invisible, cannot be physically sensed, penetrates ordinary structures, and therefore is very covert. IEMI is not a virus or malware, but it can corrupt data. It is not a bomb, but it can destroy electronics. Finally IEMI is not a form of encryption, but it can garble data irreversibly.
Modest shielding of electronics is commonplace across many product types, e.g., to prevent wireless phones from interfering with speakers, or microwave ovens from disrupting consumer electronics.
The U.S. Navy published a detailed unclassified report that outlines this non-nuclear civilian threat.4 The Navy report was intended to raise the level of awareness about the growing threat of IEMI and provide a general outline for developing a mitigation strategy because our national security depends on our civilian infrastructure.
IEMI devices can be categorized into two broad categories, depending on the type of signals they produce. Narrowband devices focus their energy into a tight frequency distribution, generally exploiting known weaknesses to maximize impact. Devices in this category include HPM weapons and off-the-shelf radar sets. Broadband devices are simpler to build and employ a very wide frequency distribution to maximize the probability that some part of the signal will find an efficient coupling path.
The sophistication of IEMI devices varies widely. Plans and parts for powerful but simple devices can be readily purchased on the Internet. Equipment that has other uses can be converted or used to cause upset, for instance radar sets and magnetrons from microwave ovens.
Who would conceive of deploying this kind of mayhem? The list is as long as those who would launch more “conventional” cyberattacks and includes criminals; disgruntled employees and customers; business competitors including foreign agents, protesters, terrorists, extremists, misguided students; and rogue nations. Some computer hackers have the potential to branch into low-cost IEMI disruptions. This threat is highly asymmetric: minimal cost, with available, uncontrolled technology that can inflict disastrous damage to infrastructure and its valuable data. This technology is actually being taught at a number of international universities. It has peaceful applications, but the possibilities for misuse are obvious. Most laymen, with plans purchased over the Internet, could build an IEMI device.
Mobile devices in innocent looking trucks can damage or destroy electronics circuitry up to 600 ft away or corrupt and disrupt the data of commerce over two miles away then drive away undetected. Normal buildings and structures are transparent to this threat. Innocent looking hand-held or man-portable devices can do damage and/or corrupt data at closer distances.
The IEMI threat cuts across all Tier standards for data centers, since it disrupts or destroys electronics in parallel redundant paths of support equipment such as power distribution, backup generators, and cooling system chillers simultaneously. It can enter a facility as radiated energy; it can also couple into currents in cabling and other wiring serving the facility.
It is important to point out that these threats are cyberthreats, since they can corrupt and destroy data by changing data states, just as surely as the more publicized internet hacker attacks. The fact that IEMI attacks are not network borne even intensifies their effects, as they evade all current cyber and physical security measures. Servers and their stored data can suffer subtle impacts. Even if the electronic circuitry is not damaged, data can be altered and system reliability degraded.
IEMI does not allow the possibility of performing post-event digital forensics. IEMI can be coordinated with a physical and/or conventional cyberattack to multiply the impact in a “blended attack.”
Legislation mandating public company accounting reform and investor protection, such as the Sarbanes-Oxley Act of 2002, has serious implications for data center operations. Additional legislation, standards and regulations that apply to data retention requirements include Basel II, NFPA 1600, PCI-DSSS, the Gramm-Leach-Bliley Act, and the SEC’s NASD requirements. Adhering to tier standards does not guarantee operational sustainability or data integrity, and an IEMI data corruption or electronics systems event will likely violate these data retention regulatory requirements. The ability to meet the business mission of a client would then be put in jeopardy.
Recent IEMI Events
In Holland, an individual seriously disrupted a local bank’s computer network because he was turned down for a loan. He constructed a briefcase-sized radio frequency weapon, which he learned how to build from the Internet. Bank officials did not even realize that they had been attacked or what had happened until long after the event.
Numerous other IEMI examples can be cited around the world.4 The insidious aspect of IEMI for our national infrastructure is that it attacks both cyber and physical security aspects of our electronics-based systems in manners that can completely circumvent firewalls, layered networks, passwords, physical barriers, security procedures, etc. Unlike traditional cyber threats to data security, IEMI is extremely covert and difficult to detect and trace, with no footprints readily amenable to forensics, and with the ability to impede digital forensics by corrupting the data.
Hoad, et al.5 have reported tests on different types of modern PCs exposed to varying levels of IEMI and found disruptions ranging from interference/disturbance to digital upset to damage.
Some of the graduated approaches that can be taken to remediate facilities and data from the growing IEMI threat are, in order of increasing complexity and effectiveness:
- Do nothing
- Update and improve policies and procedures
- Redefine and enforce security perimeters
- Install IEMI warning detectors
- Protect electronic spares
- Install protected racks
- Install protected power modules to serve protected high-density container/modular systems
- Protect backup and redundant generators and chillers
The techniques at the lower end of the protection spectrum allow a data center and its equipment to recover from an IEMI event, even though operations may be temporarily interrupted. For centers with high demand for continuous uptime, the more sophisticated remediation approaches are required to operate through an event. A data center no longer has to be shut down to implement significant IEMI protection.
IEMI produces unpredictable consequences similar to fire and natural disasters. Successful businesses have BCDR plans that identify critical processes, assets, and associated equipment to allow continuity of operations. These plans should now be expanded to include IEMI. Policies and procedures are in place and investments have been made to meet recovery operations and associated operational sustainability. Overlaying incremental IEMI protection ensures business continuity and achieving recovery objectives.
A new data center on the drawing boards can include purpose-built features for remediation against the IEMI threat. Installing effective shielding and filtering into an existing data center is challenging, but some immediate cost-effective solutions can quickly be put in place to protect critical computing and data assets form IEMI and random electromagnetic interference. As an example, Figure 5 illustrates a new type of protected data module that can protect assets in the critical frequency range between 1 MHz and 10 GHz. This protection for critical assets can be installed right next to conventional rack elements. These modules contain integrated and protected UPS, filtered clean power, electromagnetically filtered airflow and communications, and they accept most rack-mounted storage and servers.
At a higher level, data center operators are considering shielded modular or containerized data center add-on spaces. For assured business continuity and extended runtime of higher tier centers, these add-ons also require the use of protected power modules (PPM) now entering the market.
The threat to data centers and other electronics-based infrastructure from modern, available Intentional electromagnetic interference devices is not to be underestimated. IEMI has a potentially large impact on critical business processes, the ability to deliver a continuity of operations, and to recover to a status of normal operation. Devices have been used in the past4 and are threatening with increasing frequency in the future.
Fortunately, for this class of electronic threats, there exists a graduated set of technical and procedural remediation approaches. Talking with knowledgeable practitioners about the options available now is a very desirable precaution, to ensure business continuity and event recovery certainty.