CISA warns about Internet-connected UPS devices attacks
By MYBRANDBOOK
The Cybersecurity and Infrastructure Security Agency (CISA) in a joint advisory with the Department of Energy, warned U.S. organizations to secure Internet-connected UPS devices from ongoing attacks.
UPS devices are connected to the Internet to allow admins to perform various remote tasks such as power monitoring and routine maintenance, exposing them to attacks. They are also regularly used as emergency power backup solutions in mission-critical environments, including data centers, industrial facilities, server rooms, and hospitals.
The federal agencies said, “Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are lost, by removing management interfaces from the internet.”
The agency recommended mitigation measures including finding all UPSs and other emergency power systems on orgs' networks and ensuring they're not reachable over the Internet. The recommendations also include checking that the UPSs are not using factory default credentials to attackers' attempts to use them and take over the targeted devices.
Threat actors can also use critical security vulnerabilities to enable remote takeovers of uninterruptible power supply (UPS) devices and allow them to burn them out or disable power remotely.
Admins are advised to put the devices behind a virtual private network (VPN), enable multi factor authentication (MFA), and strong passwords or passphrases to hinder brute-forcing attempts.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
Icons Of India : MUKESH D. AMBANI
Mukesh Dhirubhai Ambani is an Indian businessman and the chairman and ...
Icons Of India : Girish Mathrubootham
Girish Mathrubootham is the Founder of Freshworks (previously known ...
ICONS OF INDIA : RITESH AGARWAL
Ritesh Agarwal is an Indian billionaire entrepreneur and the founder a...
IFFCO - Indian Farmers Fertiliser Cooperative
IFFCO operates as a cooperative society owned and controlled by its fa...
ECIL - Electronics Corporation of India Limited
ECIL is distinguished by its diverse technological capabilities and it...
IOCL - Indian Oil Corporation Ltd.
IOCL is India’s largest oil refining and marketing company ...
Indian Tech Talent Excelling The Tech World - Rajiv Ramaswami, President & CEO, Nutanix Technologies
Rajiv Ramaswami, President and CEO of Nutanix, brings over 30 years of...
Indian Tech Talent Excelling The Tech World - REVATHI ADVAITHI, CEO- Flex
Revathi Advaithi, the CEO of Flex, is a dynamic leader driving growth ...
Indian Tech Talent Excelling The Tech World - ANJALI SUD, CEO – Tubi
Anjali Sud, the former CEO of Vimeo, now leads Tubi, Fox Corporation...