Schneider Electric SE

01/17/2025 | Press release | Distributed by Public on 01/17/2025 08:55

How colocation providers and hyperscalers can defend against supply chain attacks


Data centers process and store the data that supports modern life. Whether the data relates to critical systems in hospitals, transportation, banking, or retail websites, it must be protected against threats. This is particularly critical for colocation providers and internet giants that handle data for numerous clients. If a cyberattack causes a security breach, vulnerable client data may be compromised, and service level agreements may fall out of compliance. One of the most common cyber threats data center operators face involves the supply chain.

Research firm Gartner predicts that 45% of organizations worldwide may experience attacks on their software supply chains by the end of 2025. Through supply chain attacks, bad actors can inject malicious code into software and hardware systems sold to data centers to steal critical data once systems go live. Supply chain attacks can also introduce counterfeit hardware into the infrastructure to steal data, disrupt operations, or contaminate data repositories. These attacks are costly too. IBM reports that the average global cost of a data breach incident reached $4.45 million in 2023.

Addressing Supply Chain Attacks

Supply chain security is a shared responsibility involving the colocation and hyperscaler data center operators, suppliers, integrators, and data center tenants. Any vulnerability in the supply chain can open a door to an attacker, so mitigating risk is paramount.

Partner with suppliers that secure products with encrypted chips

Security at colocation and hyperscaler data centers is an intricate, multilayered affair with various parts working in unison to prevent data theft and disruption. One part involves a small, encrypted microchip that suppliers insert into certain products, such as intelligent power meters. Cloud-connected intelligent meters capture critical data about how much and what type of power a data center uses. Utilities place requirements on data centers to boost efficiency, and non-compliance can trigger penalties.

Intelligent meters are composed of many components. During manufacturing, these components move from one manufacturing plant to another as printed circuit boards are created, electrical components are added, and firmware is loaded. As the components travel, they must remain tamper-proof. For instance, an encrypted chip is loaded on the board at the outset to prevent bad actors from injecting it with malicious code. A decryption key, which would unlock the chip, is unavailable to any third parties that are part of the manufacturing process.

The chip ensures the product remains locked down throughout the manufacturing and assembly process. Along the way, different partners must conduct tests for quality assurance, ensuring that components work properly. When the board reaches the final assembly plant, the decryption key necessary to unlock the final product is acquired by secure backchannel communication with the chip supplier. The final product can then be loaded and booted as an intelligent power meter for the first time.

At Schneider Electric, we use encrypted chips, which aid in providing full traceability, ensuring any attempt to tamper with the product is identified and stopped. This encryption can be used for various data center products, not just power meters, to prevent supply chain attacks. Circuit breakers, power distribution units (PDUs), uninterruptible power supplies (UPSs), and other hardware may also carry chips capable of this encryption.

Identify counterfeit products

Encryption chips also help prevent counterfeiting. Fake products can cause various problems, including introducing malicious code into the data center infrastructure. Counterfeiting can be extremely dangerous. For example, a counterfeit circuit breaker that fails to meet safety standards could pose a significant risk to life.

Protecting against tampering and counterfeiting has always been important, especially now that most systems use cloud connections to send data. As we've seen with recent supply chain attacks, bad actors can use cloud-connected systems to amplify damage caused by attacks. Schneider Electric has various programs in place to protect the supply chain. Besides using encrypted chips in our products to prevent tampering, we employ traceability methods in our firmware to defend against attacks. We also have a reporting program you can use if you come across counterfeit products.

Mitigating supply chain cybersecurity threats

As we move forward in 2025 and beyond, colocation providers and internet giants must stay one step ahead of threat actors in securing their supply chains. An attack could affect hundreds of organizations and cost many millions of dollars. By putting these controls in place, Schneider Electric is doing its part in working with partners along the supply chain to protect data centers from supply chain attacks. To learn more about data center cybersecurity best practices, check out our white paper, Cybersecurity, Product Security, and Data Protection at Schneider Electric, or visit our cybersecurity site.