Uninterruptible Power Supply (UPS) Devices In the Bullseye for Hackers

Written by

Geoff Halstead

Reading time

2 min.

Smart UPS Devices

Weak Protocols and Built-in Back Doors Make These Inviting Targets

The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy have issued multiple alerts for threat actors gaining access to a variety of internet-connected uninterruptible power supply (UPS) devices, often through unchanged default usernames and passwords.

UPS devices provide clean and emergency power in a variety of applications when normal input power sources are lost. Loads for UPSs can range from small (e.g., a few servers) to large (e.g., a building) to massive (e.g., a data center). In recent years, UPS vendors have added an Internet of Things capability, and UPSs are routinely attached to networks for power monitoring, routine maintenance, and/or convenience.

Unfortunately, most UPSs are still monitored using insecure protocols – such as SNMPv1 or v2 – which are known to be highly vulnerable to attack by cyber criminals. Even SNMPv3 includes inherent flaws that make it vulnerable to attack. In addition, many SNMP cards manufactured in China have backdoors that can compromise the UPSs.


Cybersecurity and Infrastructure Security Agency (CISA)

CISA advises the following critical steps to reduce the likelihood of UPS systems being hacked.

1. Ensure UPSs are not accessible via the Internet

Organizations can mitigate attacks on UPS devices by removing management interfaces from the Internet. If remote connection is required – as is usually the case – and management interfaces must be connected to the Internet, secure networking technology to prevent visibility and attack is critical.

2. Change the UPS’s default credentials and use strong passwords

Check to make sure that the username and password are not set to the factory default ― and if they are, update them immediately to strong, long passwords or passphrases in accordance with National Institute of Standards and Technology (NIST) guidelines.

3. Update UPS firmware

In addition to default credentials, threat actors can also use critical security vulnerabilities to enable remote takeovers of UPS devices. Failing to install firmware updates can increase a UPS’s vulnerability to hackers. In fact, Gartner predicts that 70% of organizations that do not have a firmware upgrade plan in place will be breached due to a firmware vulnerability.
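
The three steps above can be checked routinely against an asset inventory. The following is an added example, not part of the original article or of CISA's guidance: it audits a constructed inventory for management interfaces outside the management network, legacy SNMP versions, unchanged default credentials and outdated firmware. The subnet, firmware baselines, field names and device records are all assumptions.

```python
import ipaddress

# Assumption: management interfaces should live only in these internal subnets.
MGMT_NETS = [ipaddress.ip_network("10.20.0.0/24")]
# Assumption: minimum approved firmware per model (constructed values).
FIRMWARE_BASELINE = {"model-a": "2.1.0", "model-b": "1.4.2"}

# Constructed inventory records, e.g. exported from an asset database.
INVENTORY = [
    {"name": "ups-dc1", "model": "model-a", "mgmt_ip": "10.20.0.11",
     "snmp_versions": ["v3"], "default_creds_changed": True, "firmware": "2.1.3"},
    {"name": "ups-branch", "model": "model-b", "mgmt_ip": "203.0.113.10",
     "snmp_versions": ["v1", "v2c"], "default_creds_changed": False, "firmware": "1.3.9"},
    {"name": "ups-lab", "model": "model-b", "mgmt_ip": "10.20.0.40",
     "snmp_versions": ["v2c", "v3"], "default_creds_changed": True, "firmware": "1.4.2"},
]

def parse_version(text):
    """Turn '1.4.2' into (1, 4, 2) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def audit(device):
    """Return the list of findings for one inventory record."""
    findings = []
    ip = ipaddress.ip_address(device["mgmt_ip"])
    if not any(ip in net for net in MGMT_NETS):
        findings.append("mgmt interface outside management network")
    legacy = sorted(set(device["snmp_versions"]) & {"v1", "v2c"})
    if legacy:
        findings.append("legacy SNMP enabled: " + ",".join(legacy))
    if not device["default_creds_changed"]:
        findings.append("factory default credentials in use")
    baseline = FIRMWARE_BASELINE.get(device["model"])
    if baseline is None:
        findings.append("no firmware baseline for model")
    elif parse_version(device["firmware"]) < parse_version(baseline):
        findings.append("firmware %s below baseline %s" % (device["firmware"], baseline))
    return findings

def audit_all(inventory):
    """Map device name -> findings, keeping only devices with at least one."""
    report = {d["name"]: audit(d) for d in inventory}
    return {name: f for name, f in report.items() if f}

if __name__ == "__main__":
    for name, findings in audit_all(INVENTORY).items():
        print(name, "->", "; ".join(findings))
```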

Securing UPSs with Faction VPCs

A Faction Pod and Virtual Private Circuit:

  1. makes a UPS invisible and inaccessible to the Internet;
  2. eliminates passwords and credentials of any kind;
  3. closes off access to the Internet in both directions – thereby mitigating most backdoor threats.
