US CISA has recently warned of cyberattacks on internet-connected UPS devices. Thus, users must remain careful about potential threats and consider disconnecting the devices from the internet, advises CISA.
Cyberattacks on Internet-connected UPS
Through a recent advisory, the US Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DoE) have warned users of internet-connected uninterruptible power supply (UPS) devices to enhance their security measures given the ongoing risk of cyberattacks.
Many UPS vendors have introduced internet connectivity features in the devices for better control. Consequently, numerous organizations use such UPS as power backup supplies for various activities. As the advisory states,
UPS vendors have added an Internet of Things capability, and UPSs are routinely attached to networks for power monitoring, routine maintenance, and/or convenience…
Loads for UPSs can range from small (e.g., a few servers) to large (e.g., a building) to massive (e.g., a data center). Various different groups within an organization could have responsibility for UPSs, including but not limited to IT, building operations, industrial maintenance, or even third-party contract monitoring service vendors.
Given the crucial functionality, these devices can become an easy attack vector for cybercriminals. Especially since most devices stay online with the default, unchanged login credentials, any adversary can exploit them to infiltrate the target network.
Thus, CISA and DoE have warned users to adopt measures to prevent such threats. These include updating the login credentials from the default with strong/unique passwords, implementing login timeout features, and securing the devices with a VPN. Although, the primary recommendation remains to disconnect the UPS devices from the internet to avoid such threats altogether.
Internet-of-Things (IoT) arrived aiming to bring convenience to the modern world. But the system has become more problematic lately amidst the rising threats. Considering the present-day cybersecurity scenario, using tools like antimalware or VPN is inevitable. But still, no means can warrant 100% fool-proof security. Therefore, what remains wise is to minimize dependency on IoT unless adequate countermeasures become available.