Hackers have managed to find a way to successfully gain access to uninterruptable power supply (UPS) computer systems, according to a report from The Cybersecurity and Infrastructure Security Agency (CISA).
As reported by Bleeping Computer and Tom’s Hardware, both the Department of Energy and CISA issued a warning to organizations based in the U.S. that malicious threat actors have started to focus on infiltrating UPS devices, which are used by data centers, server rooms, and hospitals.
UPS devices allow companies to rely on emergency power when the central source of power is cut off for any given reason. If the attacks concentrated on these systems come to fruition, the consequences could prove to be catastrophic. In fact, it could cause PCs or their power supplies to burn up, potentially leading to fires breaking out at data centers and even homes.
Both federal agencies confirmed that hackers have found entry points to several internet-connected UPS devices predominantly via unchanged default usernames and passwords.
“Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are lost, by removing management interfaces from the internet,” the report stated.
Other mitigation responses the agencies recommended putting in place include safeguarding devices and systems by protecting them through a virtual private network, applying multi-factor authentication, and making use of effective passwords or passphrases that can’t be easily deciphered.
To this end, it stresses that organizations change UPS’s usernames and passwords that have remained on the factory default settings. CISA also mentioned that login timeout and lockout features should be applied as well for further protection.
Severe consequences
The report highlights how UPS vendors have increasingly incorporated a connection between these devices and the internet for power monitoring and routine maintenance purposes. This practice has made these systems vulnerable to potential attacks.
A prime example of hackers targeting UPS systems is the recently discovered APC UPS zero-day bugs exploit. Known as TLStorm, three critical zero-day vulnerabilities opened the door for hackers to obtain admin access to devices belonging to APC, a subsidiary of an electrical company.
If successful, these attacks could severely impact governmental agencies, as well as health care and IT organizations, by burning out the devices and disabling the power source remotely.
The number of cyberattacks against crucial services has been trending upwards in recent years as cybercriminals progressively identify exploits. For example, cyberattacks against health care facilities almost doubled in 2020 compared to 2019.
It’s not just large organizations that are being targeted — online criminals stole nearly $7 billion from individuals in 2021 alone.