Skip to main content

Not even your PC’s power supply is safe from hackers

Hackers have managed to find a way to successfully gain access to uninterruptable power supply (UPS) computer systems, according to a report from The Cybersecurity and Infrastructure Security Agency (CISA).

As reported by Bleeping Computer and Tom’s Hardware, both the Department of Energy and CISA issued a warning to organizations based in the U.S. that malicious threat actors have started to focus on infiltrating UPS devices, which are used by data centers, server rooms, and hospitals.

APC UPS backup battery sits on a desk.

UPS devices allow companies to rely on emergency power when the central source of power is cut off for any given reason. If the attacks concentrated on these systems come to fruition, the consequences could prove to be catastrophic. In fact, it could cause PCs or their power supplies to burn up, potentially leading to fires breaking out at data centers and even homes.

Both federal agencies confirmed that hackers have found entry points to several internet-connected UPS devices predominantly via unchanged default usernames and passwords.

“Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are lost, by removing management interfaces from the internet,” the report stated.

Other mitigation responses the agencies recommended putting in place include safeguarding devices and systems by protecting them through a virtual private network, applying multi-factor authentication, and making use of effective passwords or passphrases that can’t be easily deciphered.

To this end, it stresses that organizations change UPS’s usernames and passwords that have remained on the factory default settings. CISA also mentioned that login timeout and lockout features should be applied as well for further protection.

Severe consequences

The report highlights how UPS vendors have increasingly incorporated a connection between these devices and the internet for power monitoring and routine maintenance purposes. This practice has made these systems vulnerable to potential attacks.

A prime example of hackers targeting UPS systems is the recently discovered APC UPS zero-day bugs exploit. Known as TLStorm, three critical zero-day vulnerabilities opened the door for hackers to obtain admin access to devices belonging to APC, a subsidiary of an electrical company.

If successful, these attacks could severely impact governmental agencies, as well as health care and IT organizations, by burning out the devices and disabling the power source remotely.

The number of cyberattacks against crucial services has been trending upwards in recent years as cybercriminals progressively identify exploits. For example, cyberattacks against health care facilities almost doubled in 2020 compared to 2019.

It’s not just large organizations that are being targeted — online criminals stole nearly $7 billion from individuals in 2021 alone.

Editors' Recommendations

Zak Islam
Computing Writer
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
Hackers dug deep in the massive LastPass security breach
The LastPass logo appears in front of a menacing hooded figure.

The cybersecurity breach that LastPass owner GoTo reported in November 2022 keeps getting worse as new details are revealed, calling into question the company's transparency on this serious issue.

It has been two months since GoTo shared the alarming news that hackers stole the usernames, passwords, email addresses, phone numbers, IP addresses, and even billing information of LastPass users. In GoTo's latest blog update, the company reported that several of its other products were compromised as well.

Read more
Hackers just stole LastPass data, but your passwords are safe
A physical lock placed on a keyboard to represent a locked keyboard.

The developers behind password management software LastPass have just shared some concerning news: Bad actors were recently able to access “elements of our customers’ information” in a recent security breach.

It’s the second time in just a couple of months that LastPass has suffered a security incident, and it appears the two events are directly linked. That’s because LastPass’s developers say that the unauthorized party was able to access customer data “using information obtained in the August 2022 incident.”

Read more
This Chrome extension lets hackers remotely seize your PC
A depiction of a hacker breaking into a system via the use of code.

Malicious extensions on Google Chrome are being used by hackers remotely in an effort to steal sensitive information.

As reported by Bleeping Computer, a new Chrome browser botnet titled 'Cloud9' is also capable of logging keystrokes, as well as distributing ads and malicious code.

Read more