Security News > 2022 > March > CISA warns of attacks targeting Internet-connected UPS devices
In a joint advisory with the Department of Energy, the Cybersecurity and Infrastructure Security Agency warned U.S. organizations today to secure Internet-connected UPS devices from ongoing attacks.
UPS devices are regularly used as emergency power backup solutions in mission-critical environments, including data centers, industrial facilities, server rooms, and hospitals.
They're also connected to the Internet to allow admins to perform various remote tasks such as power monitoring and routine maintenance, which also exposes them to attacks.
"Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are lost, by removing management interfaces from the internet."
If connecting their management interfaces to the Internet cannot be avoided, admins are advised [PDF] to put the devices behind a virtual private network, enable multifactor authentication, and strong passwords or passphrases to hinder brute-forcing attempts.
Threat actors can also use critical security vulnerabilities to enable remote takeovers of uninterruptible power supply devices and allow them to burn them out or disable power remotely.
News URL
Related news
- CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- CISA orders agencies to patch BeyondTrust bug exploited in attacks (source)
- CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks (source)
- 48,000+ internet-facing Fortinet firewalls still open to attack (source)
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- CISA flags Craft CMS code injection flaw as exploited in attacks (source)