While the Internet unequivocally opens the door to countless advantages ― from linking computers across the globe to accelerating communications to enabling online shopping ― at the same time it also provides a space for cybercriminals to squeeze through, threatening an organization’s security.
With today’s hackers constantly finding new ways to steal information and wreak havoc with businesses, it has never been more critical to proactively eliminate system vulnerabilities. Many are unaware that even an uninterruptible power supply (UPS) is vulnerable to hackers. When building a strong foundation to ensure operational success and safety in the wake of increasing cyber threats, it is imperative to ensure that your power system isn’t the weakest link in your defense strategy.
What is Cybersecurity?
There’s been no shortage of headline-grabbing cybercrime events in recent years, with threat actors increasingly targeting the critical infrastructure of commercial and industrial operators. In May 2021, for instance, the Colonial Pipeline suffered a ransomware cyberattack on the computerized equipment used to manage the line, shutting it down for several days and prompting President Biden to declare a national security threat. Roughly $4.5 million in ransom was paid in the attack, which was traced to a compromised password and lack of multi-factor authentication.
To put the risk of cybercrime into perspective: one in two Internet users in the U.S. had their accounts breached in 2021. In 2022, 71% of companies worldwide fell victim to a ransomware attack, with the cost of an exposure averaging $4.54 million ― not including the cost of the ransom itself. Meanwhile, the average cost of a data breach reached an all-time high in 2022, ringing in at $4.35 million.
Cybersecurity ― the practice of defending computers, servers, mobile devices, electronic systems, networks and data from malicious attacks ― is no longer a novelty but a necessity. Any threat that exists in the digital space can be considered a cybercrime, including viruses, hacking, identity theft and network security intrusions. Regardless of the specific attack surface or threat actors involved, these hazards require specialized cybersecurity measures ― beginning with your UPS devices.
Three Reasons UPS Cybersecurity is Essential
It’s important to recognize that several factors are contributing to the significant uptick in cybercrime, most notably:
1. We’re living in a connected world. As the business landscape becomes increasingly digitized, smarter and more connected infrastructure is being developed to support artificial intelligence (AI) and the proliferation of Internet of Things (IoT) sensors. Yet these devices and the vast amounts of data they generate leave organizations vulnerable to attack, dramatically increasing the attack surface and number of entry points into a network. The risk of information and computer security is further compounded by today’s progressively remote workforce.
2. Our power grid is vulnerable. Industrial control systems and the rise of distributed resources have taken a toll on the country’s already-aging electric grid, making it even more vulnerable to cyberattacks. In fact, a cybersecurity threat assessment by Dragos found that multiple hacking groups have the capability to interfere with or disrupt power grids across the U.S. At the same time, the number of cybercriminal operations targeting utility companies is growing.
3. The digital age has landed. Security issues are escalating as organizations rapidly pursue digital transformation and adopt new technologies and business processes. Danger is especially great for companies that lack integrated security solutions and complete visibility into user, system and network behavior.
When developing an approach to safeguard critical infrastructure against the seemingly endless range of digital threats, power protection equipment may not always rank top of mind. Yet Internet-connected UPS devices ― which allow administrators to perform various remote tasks such as power monitoring and routine maintenance ― can throw out a welcome mat for hackers, providing them entrée into your network.
How to Improve UPS Cybersecurity
Mitigating attacks against power supply devices is an essential part of an overall cybersecurity strategy. Federal agencies including the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DOE) are well aware of the risks, noting that threat actors most often gain access to UPS devices through unchanged default usernames and passwords.
Unfortunately, most UPSs are still monitored using insecure SNMPv1 or v2, which CISA has acknowledged to be highly vulnerable to cyber criminals. Even SNMPv3 includes inherent cyber flaws that make it vulnerable to attack. In addition, many SNMP cards manufactured in China have backdoors that can compromise the UPSs. The need to review and update cyber protections is even more critical for UPSs in distributed hybrid environments, where more endpoint devices are located at the edge of computing networks away from more highly secured, centralized data centers. This has dramatically increased the available attack surface for cybercriminals and hackers.
To reduce the likelihood of UPS systems being hacked, it is critical to implement the following measures:
1. Ensure UPSs are not accessible via the Internet. Organizations can mitigate attacks on UPS devices by removing management interfaces from the Internet. If connecting management interfaces to the Internet is required, administrators are advised to put the devices behind a virtual private network (VPN) and enable multifactor authentication (MFA).
2. Change the UPS’s default credentials. Check to make sure that the username and password are not set to the factory default ― and if they are, update them immediately. This ensures that going forward, threat actors cannot use their knowledge of default passwords to access your UPS. In addition to default credentials, threat actors can also use critical security vulnerabilities to enable remote takeovers of UPS devices.
3. Use strong passwords. Ensure that credentials for all UPSs and similar systems adhere to strong, long passwords or passphrases in accordance with National Institute of Standards and Technology guidelines.
4. Implement login timeout and lockout policies. These measures will help to block ongoing attacks against UPSs and similar systems.
4. Update UPS firmware. Failing to install firmware updates can increase a UPS’s vulnerability to hackers. In fact, Gartner predicts that 70% of organizations that do not have a firmware upgrade plan in place will be breached due to a firmware vulnerability. To avoid becoming a statistic, organizations should identify vulnerable devices, address them and avoid future cyber threats by integrating a firmware update policy into standard procedures.
5. Deploy a multi-faceted approach. Protecting against today’s ever-escalating cyber threats requires a resilient, layered approach in which devices are properly secured and a software layer is included to manage devices. Software and power systems must work together to ensure a cohesive, seamless and layered protection solution for optimal network security.
Learn More About UPS System Protection and Maintenance Through Unified Power
Regular preventive maintenance for your UPS system is an essential component of a sound cybersecurity strategy. Unified Power is a premier national critical power service provider, offering complete UPS and generator maintenance and repair services, turnkey electrical solutions, DC plant services, battery services and more. We can even help you complete risk assessments to identify potential cybersecurity vulnerabilities in your UPS systems. Learn more about how we can help ensure the ongoing, optimal performance of your critical power equipment.