October 6, 2022
The United States Cybersecurity and Facilities Security Company(CISA)and the Department of Energy this week issued guidance on mitigating attacks versus uninterruptible power supply (UPS) gadgets. The two federal government companies know risk actors targeting internet-connected UPS devices-- often abusing default login credentials-- and they advise instantly eliminating internet access to the management interface of these…

The United States Cybersecurity and Facilities Security Company(CISA)and the Department of Energy this week issued guidance on mitigating attacks versus uninterruptible power supply (UPS) gadgets.

The two federal government companies know risk actors targeting internet-connected UPS devices– often abusing default login credentials– and they advise instantly eliminating internet access to the management interface of these gadgets.

Developed to supply emergency power when normal source of power are lost, UPS gadgets are connected to networks for power tracking and routine upkeep, or simply for benefit.

To prevent potential attacks targeting UPSs, companies are encouraged to mention all such gadgets within their environments and ensure they are not available from the web.

[READ: CISA Releases Final IPv6 Security Assistance for Federal Agencies]

If a UPS device must be accessible from the internet, organizations must use defenses such as multifactor authentication, using a virtual private network (VPN), and strong, difficult-to-guess passwords.

Moreover, companies need to check their UPS devices for default usernames and passwords and alter those.

CISA likewise recommends that companies embrace login timeout/lockout features, in addition to sticking to strong password requirements for UPS devices and comparable systems.

UPS devices are likewise prone to vulnerabilities that hazard actors might attempt to exploit in attacks. Earlier this month, details were released on vulnerabilities impacting millions of UPSs from Schneider Electric subsidiary APC, which could be exploited remotely to alter gadget operations and trigger physical damage.

Another security hole in the very same devices might allow assaulters to modify the firmware of the UPS and accomplish long-lasting persistence on the network.

Related: CISA Alerts Crucial Facilities Organizations of Foreign Impact Operations

Related: CISA Releases Guidance on Getting Enterprise Mobile Devices

Related: NSA, CISA Concern Assistance on Picking and Securing VPNs


Source