CISA, DOE Warn of Attacks on Uninterruptible Power Supply (UPS) Devices

Threat actors are hacking Internet-connected uninterruptible power supply (UPS) devices, typically via default username and password combinations, the Cybersecurity and Infrastructure Security Agency
(CISA) and Department of Energy (DoE) warned this week in a joint alert.

The federal agencies recommend immediately removing UPS devices from the public Internet and ensuring that their management interface is behind a VPN or other security controls if it’s accessible via the Internet.

Change any factory-default passwords and employ multifactor authentication and strong passwords, CISA and DOE recommended in their alert.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Read More HERE

Leave a Reply