Bastille: Securing Data Centres From Advanced Cyber Threats

Wireless hacking equipment that once required military budgets, in today's world, can be purchased for less than US$100 and carried in a trouser pocket.

Ivan O'Sullivan, Chief Revenue Officer at Bastille, makes that observation during a fireside discussion titled "Securing the Invisible: Wireless Cybersecurity for AI Data Centres" at Data Centre LIVE: The London Summit.

The session took place on Day Two of the event at Exhibition White City on 20-21 May where, speaking with moderator Ben Craske, Senior Editor of Data Centre Magazine, Ivan outlined how the accessibility of advanced wireless attack tools has lowered the entry barrier for malicious actors.

Ivan paints a desolate picture, where sophisticated wireless hacking is no longer confined to governments or elite cybercriminals.

The proliferation of affordable technology means that even moderately skilled individuals can now execute attacks that would have been impossible without substantial resources just a decade ago.

The conversation centres on why wireless cybersecurity could become one of the more pressing issues facing AI infrastructure operators.

Ivan suggests the industry is only beginning to address the challenge, with many facilities still relying on outdated security models designed for traditional data centre environments.

AI infrastructure transforms the risk

For years, data centre operators prioritised physical security and perimeter controls.

Guards, mantraps, biometric scanners and controlled access routes became standard practice across facilities.

AI infrastructure changes that model fundamentally.

"The value of the data has gone up and perimeter security is no longer good enough," Ivan says.

AI environments consolidate enormous volumes of valuable information into single locations, creating concentrated targets that were previously distributed across multiple sites.

These facilities house model weights – the intellectual property that underpins large AI systems.

Ivan describes those model weights as targets for nation-state adversaries with the resources and motivation to pursue them aggressively.

"This isn't schoolboy hackers," he says. "It's nation-state adversaries."

Ivan argues that AI models are now compact enough to be exfiltrated wirelessly at speed.

Having technologies such as Wi-Fi 7 capable of transferring large volumes of data in minutes, attackers could steal sensitive assets without physical access or wired infrastructure.

The combination of high-value targets and high-speed wireless protocols creates a perfect storm of vulnerability.

That shift, he warns, changes how operators must approach cybersecurity across every layer of their infrastructure.

Bluetooth vulnerabilities expand beyond consumer use

One topic that draws attention during the session is the evolution of Bluetooth technology.

In the eyes of many, Bluetooth is associated with short-range consumer devices such as headphones or wireless mice.

Ivan highlights how dramatically the technology has evolved. Bluetooth range has expanded from a few metres to distances measured in kilometres – fundamentally altering the threat landscape.

He references experiments by Hubble Network, which demonstrated Bluetooth transmissions reaching low Earth orbit satellites.

"If Hubble is doing that for good reasons," Ivan says, "what I hear from my contacts in the intelligence community is that Chinese manufacturers are only two years behind."

The implication is that wireless signals once assumed to remain inside facilities could now travel beyond perimeter walls.

Ivan also discusses "nearest neighbour" attacks, where adjacent Wi-Fi networks could become entry points for attackers operating remotely, even from another country.

Connected infrastructure introduces internal risks

Ivan warns operators about the risks embedded within modern infrastructure itself.

Data centres contain numerous connected devices, from smart PDUs and environmental sensors to chillers controlled wirelessly for remote maintenance.

Convenience can create vulnerability.

Ivan cites a case involving a Bluetooth-enabled chiller system left exposed with default credentials. Maintenance engineers preferred managing it remotely from the car park rather than repeatedly passing through physical security controls.

This single oversight created a potential entry point into infrastructure supporting major financial operations, according to Ivan.

Supply chain security emerges as another concern during the discussion.

As global equipment shortages are pushing operators towards alternative procurement channels, Ivan questions how thoroughly organisations can verify every connected component entering facilities.

"If you could get one on Amazon on the grey market," he asks, "would you be tempted?"

The most concerning revelation from the conversation, is how inexpensive sophisticated wireless hacking tools have become.

Software-defined radios once associated with military systems costing millions are now available for under US$100, Ivan notes.

Devices such as the Flipper Zero have gained attention for their ability to manipulate wireless systems and physical access controls.

This, while the largest infrastructure build out on planet earth is happening at extraordinary speed. 

"The speed at which these data centres are going up really shocked us," Ivan says.

With rapid deployment often prioritised over security architecture, many operators are retrofitting wireless protection after facilities become operational.

Ivan O'Sullivan's final message to operators is that perimeter security alone is no longer sufficient. Wireless threats cannot be addressed through occasional bug sweeps or front-door controls, he argues.

Instead, operators need persistent, facility-wide visibility into wireless activity across their environments. As AI infrastructure scales globally, the invisible attack surface surrounding data centres is expanding.

The session makes clear that the next cybersecurity battle could happen not on the network cable, but in the air around it.