Uninterruptible power systems (UPS) are essential components of any IT infrastructure but keeping them secure is usually an afterthought. They’re the black boxes that typically sit at the bottom of the IT rack, quietly doing their thing. UPS devices aren’t nearly as exciting as the servers, switches and firewalls that rely on them. Unfortunately, they aren’t an afterthought for hackers and cybercriminals. In March 2022, the Cybersecurity & Infrastructure Security Agency (CISA) and the Department of Energy issued an alert to warn about the consequences of malicious actors targeting UPS devices and share ways to mitigate such attacks.
The UPS backs up the digital world
The UPS is a ubiquitous component of any organization’s IT infrastructure today. According to IDC, worldwide digital transformation spending could reach $1.8 trillion by the end of 2022, with organizations prioritizing smart manufacturing, digital supply chain optimization, facility management, and operationalizing data and information. Digital transformation cannot occur without power, and because the digital economy never sleeps, a robust backup power system is absolutely essential. That usually comes in the form of a UPS.
Your UPS is an attack avenue
In today’s digitally connected world, UPS devices have an Ethernet connection just like any component in the modernized data center. These network connections allow IT personnel to update, troubleshoot, and receive alerts remotely. The problem is that every network connection represents an exploitable attack avenue into one’s network. Because companies are securing their primary data center components more effectively today, hackers now seek out neglected entry points of infiltration. A good example was the much-publicized data breach involving mega-retailer Target. In this case, the attackers broke in through the company’s HVAC system. Threat actors have continued to target HVAC systems and other network-connected areas that traditionally have lacked sufficient security measures. Because UPSs are now interconnected with software, services, and other IT infrastructure, they present themselves as likely targets for hackers.
This is not where the troubles end. According to the EC-Council, today’s enterprise networks face an avalanche of malware attacks, Distributed Denial-of-Service (DDoS) attacks, and ransomware attacks that can cause data loss, damage to reputation, loss of revenue, and increased costs. Securing enterprise networks from these cybersecurity threats requires significant investments, continuous threat monitoring, and the enforcement of new security policies.
Despite efforts made by organizations, a study by Positive Technologies revealed that external attackers can bypass 93% of enterprise networks and gain access to local resources. The company also found that it took hackers an average of four days to breach network perimeters. The most worrying finding was that in 71% of companies, even an unskilled hacker would be able to penetrate the internal network.
Why would hackers target your UPS?
So, if threat actors are indeed targeting UPS device fleets because they are the weak links in your cybersecurity chain, what do they hope to accomplish? By gaining access to your data center’s power sources, an attacker can potentially shut down critical resources such as web applications, databases, AD infrastructure, etc. Like a ransomware or DDoS attack, power-related incidents can cause great disruption to any company’s core operations. Even if a deliberate power outage isn’t the intent, hackers can use the connection to your power systems as a beachhead to push further into your environment, much as they can in HVAC attacks. Either way, we have reached a point at which companies can no longer afford to ignore the security of their UPS infrastructure. All network-connected power components now require mitigation measures to ensure they are protected against deliberate attacks and malicious activity.
The impact of power outages
Power outages have been and remain a consistent problem for enterprises today. According to Uptime’s 2022 Data Center Resiliency Survey, 80% of data center managers and operators have experienced some type of outage in the past three years. More than 60% of outages result in at least $100,000 in total losses, up from 39% in 2019. 43% of outages are power related, with UPS failures being the single biggest cause of them, and the lion’s share of IT downtime incidents are network related. Besides the obvious financial losses, outages can also inflict reputational damage and compliance breaches.
Security recommendations for UPS connections
Connecting a UPS device to the network using a network card makes it convenient for IT personnel to monitor and manage it, especially in today’s hybrid work environment. Unfortunately, it makes it convenient for cybercriminals to access it as well. According to CISA, UPS devices are often left in their original factory default state, which uses default admin credentials that anyone can look up on the internet. Your UPS devices must be secured with the same vigilance as your servers and switches. Some of the recommendations made by CISA include the following:
- Immediately change the default admin account credentials
- Ensure that UPS credentials adhere to strong password length requirements
- Adopt login timeout/lockout features to prevent credential stuffing attacks
- Only enable the services and protocols you need
- Only use a network interface card that supports TLS 1.2 and higher
- Make sure the device’s cybersecurity is certified by a trusted third-party such as the UL or IEC
- Ensure that your UPS network cards are not vulnerable to TLStorm (TLStorm comprises three zero-day exploits)
Of course, physical security still plays a big role in securing your UPS fleet. This includes the use of security locks on racks and some type of method of restricting access to those areas to authorized personnel only.
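The CISA recommendations listed above can be checked mechanically across a fleet. The following is an added example, not code from CISA, Eaton or the original article: it audits a constructed inventory of UPS network-card settings against that checklist. The record fields, the 12-character password floor and the service allowlist are assumptions chosen for illustration.

```python
# Audit a UPS network-card inventory against the CISA checklist above.
# Field names, thresholds and sample records are constructed for illustration.
MIN_PASSWORD_LEN = 12                      # assumed local policy; the page gives no number
ALLOWED_SERVICES = {"https", "snmpv3"}     # assumed "only what you need" allowlist
TLS_ORDER = ["SSLv3", "TLSv1.0", "TLSv1.1", "TLSv1.2", "TLSv1.3"]
MIN_TLS = "TLSv1.2"

def tls_below_minimum(versions):
    """Return enabled protocol versions older than MIN_TLS (unknown names count as old)."""
    floor = TLS_ORDER.index(MIN_TLS)
    return sorted(v for v in versions
                  if v not in TLS_ORDER or TLS_ORDER.index(v) < floor)

def audit_device(dev):
    """Return a list of findings for one inventory record; missing data fails closed."""
    findings = []
    if dev.get("default_credentials", True):
        findings.append("default admin credentials still active")
    if dev.get("password_min_length", 0) < MIN_PASSWORD_LEN:
        findings.append("password policy shorter than %d characters" % MIN_PASSWORD_LEN)
    if not dev.get("lockout_after_failures") or not dev.get("session_timeout_min"):
        findings.append("login lockout or session timeout not enabled")
    extra = sorted(set(dev.get("services", [])) - ALLOWED_SERVICES)
    if extra:
        findings.append("unneeded services enabled: " + ", ".join(extra))
    old = tls_below_minimum(dev.get("tls_versions", []))
    if old or not dev.get("tls_versions"):
        findings.append("TLS below 1.2 enabled or TLS not configured: " + (", ".join(old) or "none listed"))
    if not dev.get("certifications"):
        findings.append("no third-party security certification recorded")
    return findings

def audit_fleet(inventory):
    """Map device name -> findings, keeping only devices that fail at least one check."""
    return {d["name"]: f for d in inventory if (f := audit_device(d))}

# Constructed sample inventory: one factory-default card, one hardened card.
SAMPLE_INVENTORY = [
    {"name": "ups-rack-a1", "default_credentials": True, "password_min_length": 6,
     "lockout_after_failures": 0, "session_timeout_min": 0, "certifications": [],
     "services": ["http", "https", "telnet", "snmpv1"], "tls_versions": ["TLSv1.0", "TLSv1.2"]},
    {"name": "ups-rack-b2", "default_credentials": False, "password_min_length": 16,
     "lockout_after_failures": 3, "session_timeout_min": 10, "certifications": ["UL 2900-1"],
     "services": ["https", "snmpv3"], "tls_versions": ["TLSv1.2", "TLSv1.3"]},
]

if __name__ == "__main__":
    for name, findings in audit_fleet(SAMPLE_INVENTORY).items():
        print(name, *findings, sep="\n  - ")
```

Records with missing fields are treated as failing, so a card that was never inventoried properly shows up in the report instead of passing silently.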
Why a Best-in-class Network Connectivity Card Matters
If it’s connected to the network, it needs to be secured. That’s a simple truth. In the case of your UPS system, that security begins with your network connectivity card. Network cards allow for secure monitoring and control of an individual UPS by connecting it directly to the network. This connectivity is the conduit for your device’s data and information, providing status alerts and remote capabilities. The notification features keep you informed of problems as they occur, avoiding shutdown in the event of an extended power outage, and always keeping your business information safe.
Modern network connectivity cards, such as the Eaton Gigabit Network Card (Network-M2), keep IT administrators abreast of potentially disruptive power-related events affecting their networks. The Network-M2 features strong encryption, a configurable password policy and X.509 Public Key Infrastructure compatibility. Eaton’s dedication to security is demonstrated by the fact that their Gigabit Network Card and Industrial Gateway Card are the first UPS connectivity devices to meet both UL 2900-1 and IEC 62443-4-2 cybersecurity standards. Security today can never be an afterthought, and the Network-M2 was built with security from the ground up.
A closer look at the Eaton Network Card
The Eaton Gigabit Network Card (Network-M2) supports business continuity by providing administrators warnings of pending issues and helping perform an orderly shutdown of servers and storage. It also enables mass firmware updates with the new Eaton 5PX G2 UPS. Rather than deploying personnel to update dozens, hundreds or thousands of UPSs manually, IT administrators can update firmware via the UPS network card. This is ideal for enterprises that utilize multiple edge computing resources located far from the central IT support center. The Network-M2 features better speed and cybersecurity and offers a list of outstanding capabilities:
- Remotely manage your UPS over SNMP or the web
- Schedule automatic shutdowns or shed noncritical systems in case of an extended power failure
- Customizable actions (like shutdown) in case of a power problem
- Data & event logging
- eMail/pager/SMS notification
- Temperature/humidity monitoring through optional Environmental Sensor
- Easy deployment on large installed base (duplicate configuration)
- Flash upgradeable firmware
- Compatible with Eaton’s extensive power management suite (Network Shutdown Modules, Enterprise Power Manager and more)
The premise of the UPS is to provide your organization peace of mind that your IT can remain in control of your critical IT infrastructure and take the appropriate measures. That peace of mind is accentuated when you use network cards built with certified security.
The Eaton support team
It’s usually during highly stressful events when you feel the need for your UPS devices the most. That’s why Eaton puts great emphasis on their after-sales service and customer support. Eaton has a dedicated cybersecurity center of excellence that offers real-time updates and insights to end users about the latest cybersecurity threats and safety protocols. During natural disasters, Eaton can quickly mobilize its seasoned service providers to respond to customers’ needs and help expedite the process of getting them back online. This includes the dispatching of Eaton field technicians who are highly trained in all facets of restoring backup power systems quickly and safely. When you are an Eaton customer, you have access to the latest technology and cybersecurity standards and a team of experts behind you when you need it most.
If it seems like there’s a lot more to UPS connectivity than there used to be, you’re right. Businesses are far more reliant on their data centers than ever before, which means they depend equally on backup power systems. Your UPS devices and the teams that support them rely on reliable connectivity, which means that the network cards that integrate with your UPS systems must be modernized for today’s world, and robust enough to mitigate cybersecurity threats. If you never stopped to think about how critical the choice of a network management card could be, it’s about time you did. For more information about the Eaton Gigabit Network Card (Network-M2) and its capabilities, click here.