CISA Issues New Warning Amid Russia-Ukraine Conflict

More than one month after Russia’s invasion of Ukraine, the Cybersecurity and Infrastructure Security Agency (CISA) has issued a specific joint warning with the Department of Energy, advising U.S organizations to secure UPS devices from potential attack.

The joint statement reads, “The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy are aware of threat actors gaining access to a variety of internet-connected uninterruptible power supply (UPS) devices, often through unchanged default usernames and passwords…Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are lost, by removing management interfaces from the internet.”

Not long after the advisory was issued, it was reported that the FBI had issued separate warnings to five American energy companies regarding Russian parties scanning their networks. This news is especially starke following announcements that the February 24th cyberattack on Viasat, a U.S satellite communications provider responsible for network services throughout Central and Eastern Europe, was the result of wiper malware with noted similarities to previous Russian hacks  – on the very same day the Russian invasion began.

To protect internet-connect UPS devices, the CSA is recommending two key measures:

1. Ensure UPS devices are not reachable over the Internet
2. For organizations that require internet connectivity, the CISA advises placing devices behind a virtual private network and enabling multi-factor authentications.
3. Check all UPS devices aren’t using factory defaults that could be easily manipulated.
4. Implement time limits and lockout policies on all devices to prevent ongoing attacks.

These are incredibly tumultuous times.

Our team is ready and able to help in any way we can, just as we always have been.

We’re only one email away.