CISA and the U.S. Department of Energy (DOE) are aware of threat actors gaining access to a variety of internet-connected uninterruptable power supply (UPS) devices, often through unchanged default usernames and passwords. Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are lost, by removing management interfaces from the internet.
Organizations can mitigate attacks against UPS devices by immediately removing management interfaces from the internet. Review CISA and DOE’s guidance on mitigating attacks against UPS devices for additional mitigations and information.