CISA, DOE Warn of Attacks on Uninterruptible Power Supply (UPS) Devices
Threat actors are hacking Internet-connected uninterruptible power supply (UPS) devices, typically via default username and password combinations, the Cybersecurity and Infrastructure Security Agency
(CISA) and Department of Energy (DoE) warned this week in a joint alert.
The federal agencies recommend immediately removing UPS devices from the public Internet and ensuring that their management interface is behind a VPN or other security controls if it’s accessible via the Internet.
Change any factory-default passwords and employ multifactor authentication and strong passwords, CISA and DOE recommended in their alert.
Read More HERE