Are You Protecting Your UPS System From Cybersecurity Attacks?
The Covid-19 pandemic brought many rapid changes to human society, altering the way we live and work and in many instances the way in which we now conduct our regular business.
It became and has remained a commonly accepted practice for employees to work from home, on either a permanent or part time basis. This shift towards satellite working, while undoubtedly offering companies a much greater level of flexibility, relies heavily on the use of remote access systems to ensure employees remain connected with the business and with each other.
It is perhaps no great surprise that this trend for home working has not come without its own unique set of challenges. The growing reliance on the use of remote access systems opened many organisations up to potential hackers, which in turn has led to an unprecedented escalation in the number of cyberattack incidents, both globally and here in the UK.
The latest figures according to the CyberEdge 2022 Cyberthreat Defense Report, identified that 85% of UK organisations had suffered at least one cyberattack within the last 12 month period. The National Fraud Intelligence Bureau (NFIB) Fraud and Cyber Crime Dashboard tracked the losses resulting from these reports, finding that the varying types of cybercrime had cost UK businesses a whopping £3.1 billion between April 2021 – April 2022. A figure that is only set to rise as cyber criminals continue to exploit the emergency working measures that were set up on the back of the pandemic.
Understandably, business customers are now expressing increasing concerns regarding the cybersecurity protocols in place for the companies they choose to deal with. This growing level of unease, combined with government regulations, investor interest, public pressure and demand from employees are seeing a rise in organisations strengthening their cybersecurity position. Thankfully however, it is becoming accepted that this problem is a growing business risk rather than just a technical issue for IT teams to resolve.
Security and Risk Managers (SRM’s) are now being tasked with ways to demonstrate their commitment to reducing the risk of issues that may arise from the impacts of an attack.
- Data breaches of customer’s personal information
- Security issues from cyber-physical threats to software (tampering with data, elevation of privilege, information disclosure etc)
- Malicious activity (including ransomware) that has the potential to harm critical infra-structure
- The potential for misuse or abuse within a company’s own product range
- Hostile takeover of the UPS system within a production environment, instructing it to sabotage or even cease processes during a power outage
In many instances, all it takes for a cybercriminal group or individual to inflict damage to an organisation is to gain access to a single component within that businesses’ network. The incoming electrical supply and in house backup UPS units, offer an ideal hacking opportunity due to the digitisation of energy company smart meters and remote monitoring opportunities that UPS solutions now present.
As we follow the electrical supply from its initial source, it is possible to recognise where these threats and vulnerabilities lie and more importantly, the steps that business owners can take to protect themselves from malicious attacks. While many factors remain outside our control there are some very basic steps we can take to ensure we stay one step ahead.
Cybersecurity and the National Grid
The national grid is part of Great Britain’s Critical National Infrastructure (CNI) and as such is subject to security threats from terrorism, criminality and vulnerability within information technology and operational technology systems.
As the network was originally designed with sound engineering and safety considerations in mind, rather than from a mindset of protecting against malicious threats, programmes of physical security upgrades have needed to be rolled out across the varying sites over the years. Despite these improvements, the danger to energy systems is increasing due to the digitisation of energy assets and the convergence of IT systems with operational technology systems (that are used to control industrial processes and equipment).
To mitigate the severe social and economic consequences that would arise should such an attack occur, the UK government in conjunction with the Centre for the Protection of National Infrastructure (CPNI) and the National Cyber Security Centre (NCSC), set the requirements for the appropriate levels of physical and cyber resilience that must be achieved in the national interest.
These are regularly monitored to ensure network resilience and safety from the consequences of equipment failure and cyberattacks.
Cybersecurity, Smart Meters and UPS Solutions
As noted previously, the increasing use of remote systems in today’s home and workplace, combined with the explosion in demand for Internet of Things (IoT) devices has led to heightened levels of vulnerability within business operational systems too.
The digitisation of energy assets, outside the national grid, has left companies vulnerable to hacking, with the encrypted security measures for communication in some smart meters offering little more than a sticking plaster, according to Nick Hunn, strategist for technology firm WiFore. Whilst the solution to this particular issue remains solely in the hands of the energy companies who supply them, there are protocols Security Managers can put in place to protect all secondary and/or tertiary power supply systems.
Used to provide clean, emergency backup power for a wide variety of critical applications, the UPS system has become a vital piece of equipment in today’s business environment - which also makes it particularly vulnerable to attack.
Why are UPS Systems Vulnerable to Cyberattacks
In recent years, UPS manufacturers have been incorporating sophisticated capabilities into the design of their units, to allow for the remote monitoring of the system and the environment that surrounds it. The ability to track these units from anywhere in the world however has opened the devices up to external networks, allowing the perfect opportunity for online attackers to gain access.
The units rely on the internet standard simple network management protocol or SNMP. As the name suggests, SNMP is based on simplicity. It works using a group of eight different protocol data units (PDU) that contain variables and data about the network or the managed component, which in this instance is the UPS solution. SNMP uses the PDU protocol for the data transfer. Due to the simplicity of the protocol, earlier versions of the standard do not encrypt the data leaving it exposed to threats.
How Can I Protect My UPS System from Cyberattacks?
A number of best practices can be taken to ensure greater protection of the UPS unit within either a business or home working environment:
Make sure your UPS solution has not outlasted its service life and is running the latest revision of firmware.
Change the UPS’s username and password from the default factory settings.
Ensure the device is behind a firewall and not open to public networks.
Make sure any remote access is done via a virtual private network (VPN) for an added layer of security.
Use multi-factor authentication and implement strong passwords or passphrases.
Adopt login timeout and lockout features to ensure UPS devices are not continually online.
Where possible, isolate the UPS unit from external networks.
Create an isolated UPS network with a single point of access to balance both security and flexibility.
As documented earlier, the risk of cyberattack is growing for all businesses. Whilst certain elements within the electrical supply chain are out of our control, others are not. The simple measures as outlined above, can be quickly and easily implemented making it much more difficult for hackers to gain access to online UPS systems. Where ‘in-house’ operational staff lack the capabilities to apply the above, UPS engineers may be required to modify the settings to ensure the units are operating securely and offering the highest level of protection available.
If you have not already checked on the protocols you currently have in place, then do it today – make sure your company doesn’t become the next UK statistic.
Need help protecting your UPS solutions from cyberattacks? Secure Power has been providing critical power solutions for over a decade and has an industry wide reputation for delivering first class backup power services. With preventative maintenance at the core of its business, Secure Power has its own team of engineers, available nationwide, 24/7. The company offers a wide range of UPS end-to-end project management solutions alongside ongoing maintenance and service works, UPS battery testing, removal and relocation. For more information about how Secure Power can protect your business from malicious attacks please get in touch with a member of our team on 0800 080 3118.