Executive Summary
- Dennis Mattoon, Co-Chair of the Trusted Computing Group’s Data Centre Work Group explores the idea that securing data centres at the hardware layer because hardware-anchored trust has become essential, especially with threat actors continuing to bypass software-level firewalls and create permanent backdoors.
- Presently, the threats in scope include the feeding of compromised boot code to CPUs, impersonating a CPU to a TPM, injecting or suppressing measurements to mislead legitimate TPMs, and redirecting genuine measurements to an attacker-controlled device.
- Modern data centre designs make it a challenge to permanently bind CPUs and TPMs, creating opportunities for interposers to operate undetected and so, establishing trust within these facilities
Data centre construction is accelerating across the globe, driven by Artificial Intelligence (AI), growing cloud demand, and multi-billion investments that are reshaping digital infrastructure. This trend shows no signs of stopping either, with worldwide investment hitting a record $61 billion in 2025, and at least 16GW of capacity slated to come online in 2026 alone.
National-level government policies are also promoting data centre developments by streamlining the permissions process, opening federal land for construction, and providing robust tax and utility incentives to relevant businesses. The United States, for example, issued an order in July 2025 directing agencies to use the FAST-41 framework to help fast-track large data centre projects within its borders. The Departments of Interior, Energy and Defense have also been ordered to authorise developments on suitable lands, including repurposed Brownfield and Superfund sites.
An ever-expanding threat landscape
However, as these facilities scale in size and processing power, so too does the available attack surface. Distributed Denial of Service (DDoS) incidents are growing year-over-year, targeting key infrastructure such as data centres, while third-party involvement in breaches doubled to 30% of all incidents – especially concerning given these facilities reliance on sourced hardware, firmware, and service supply chains. Application-layer exploits are also growing in prominence too.
Since the rise of AI, it’s never been easier for a hacker to flood servers with significant amounts of junk traffic to overload servers so authorised users cannot access key services. Once critical infrastructure is breached, attackers can go on to encrypt and exploit files, holding these to ransom for the decryption key. The scale of these attacks are unprecedented: in 2025, Cloudflare managed to mitigate a 29.7 terabits-per-second DDoS attack, launched by the Aisuru botnet which consisted of 1-4 million infected devices from around the world. Attacking the organisation’s edge data centres in an attempt to overwhelm its network capacity, this incident demonstrates the types of complex attacks being levelled against critical cloud and data centre infrastructure.
Consequently, the industry’s reliance on software-only defences is not enough to mitigate attacks appropriately. Instead, they must first turn to the latest computing standards and specifications to form a strong first line of defence against attackers.
Establishing trusted computing
Within data centre facilities, hardware anchored trust has become essential. Threat actors continue to bypass software-level firewalls and create permanent backdoors, meaning operators must enforce cryptographically verify hardware authenticity and monitor or recover effectively from unauthorised firmware modifications.
This can be achieved through technologies like Trusted Platform Modules (TPMs), which gives data centre networks a hardware-anchored Root of Trust (RoT) that offers protections that software alone can’t match. During start-up, the TPM measures the boot code and compares those measurements against a known, trusted state. If anything is altered, the TPM can then halt the boot process to stop compromised firmware or malicious code from loading. Now found in over 2 billion devices across the globe, the TPM also provides a secure environment for generating, storing, and managing the cryptographic keys essential for encrypting and protecting any sensitive data.
Of course, the TPM shouldn’t be considered the one-stop-shop for security. In more complex security environments, it can be combined with technologies like the Device Identifier Composition Engine (DICE) to enhance protection, while other solutions can offer enhanced cyber resilience. However, a sophisticated attack can insert an interposer between the Central Processing Unit (CPU) and the TPM, giving attackers access to the legitimate control signals that pass between them.
With that foothold, an interposer can inject its own boot code, impersonate the CPU and even use the authentication key to deceive a remote verifier into accepting falsified integrity measurements. In doing so, the attacker can suppress or modify signals, extracting secrets and ultimately weaponising the data centre’s own hardware against its operator.
Setting the standard for data centre security
This is why further work focusing on hardening platforms against these hardware-level threats is vital. Thankfully, international standards organisations are hard at work to deliver greater protection to operators. Within TCG for example, the Data Centre Work Group is strengthening trust across ecosystems and components by focusing on defending platforms against active interlopers. Its remit includes analysing the full range of known attack paths against both hardware and firmware, and developing practical ways to block or mitigate them.
Presently, the threats in scope include the feeding of compromised boot code to CPUs, impersonating a CPU to a TPM, injecting or suppressing measurements to mislead legitimate TPMs, and redirecting genuine measurements to an attacker-controlled device. Through these efforts, the TPM should be able to reliably protect the resources and communications of the CPU it is attached to, using precise and verifiable measurements.
The TPM should also be able to prove the integrity of these measurements, and the identity of the correct CPU instance to any verifier. Once this has been achieved, it will be a foundational step forward towards embedding stronger, hardware-anchored trust throughout modern data centre environments.
Unfortunately, current data centre designs make it a challenge to permanently bind CPUs and TPMs, creating opportunities for interposers to operate undetected. By establishing trust within these facilities, the hope is that this gap can be closed, giving operators confidence that the components within their systems are genuine, uncompromised and not at risk of being weaponised from within.



