Your UPS, PDU, and Power Monitoring Systems Are Potential Cyber Attack Entry Points. Are They Secured?
By Molly Gross, Principal, Power Solutions, LLC
Any piece of equipment connected to your network can be a point of entry for malicious code — including your power infrastructure. Here is how to protect it.
Cyberattacks target every connected device — including the UPS systems, network management cards, and power monitoring platforms in your data center. Major manufacturers Schneider Electric and Eaton have published best practices specifically for protecting critical power infrastructure from cyber threats. This whitepaper covers the essential steps: identifying potential points of vulnerability, minimizing risk through patching and access controls, hardening security across all layers, backing up systems and data, developing a written incident response plan, and testing that plan before an incident occurs. It is a compact but actionable guide for any IT professional responsible for both network security and power infrastructure.
Whitepaper Summary
Q: Can UPS equipment be a cybersecurity vulnerability?
A: Yes. Any network-connected equipment — including UPS systems with network management cards, power distribution units, and energy management software — can be a potential entry point for cyberattacks.
Q: What is the most effective way to recover from a malware attack on critical infrastructure?
A: Daily backups stored offline or in a secure, tamper-proof environment are the most effective recovery tool. Maintaining multiple backup versions ensures you can restore from before any infection.
Q: What steps should be taken to minimize cyber risk in a data center?
A: Key steps include applying vendor patches and firmware updates, using strong access controls, never leaving equipment in program mode, segmenting OT/IT networks where possible, and removing unnecessary network connectivity from power equipment.
Q: How should an incident response plan for a cyberattack be structured?
A: The plan should cover: disconnecting systems safely, setting up compensating controls for systems that must stay connected, documenting manual operation procedures, assigning staff responsibilities, and identifying government and vendor response resources.
Q: How do you test a cyber incident response plan?
A: Conduct walkthroughs with IT, OT, legal, and executive participants. Include scenarios for malfunctioning, inoperable, or compromised systems. Test system recovery backups and verify that manual operations are understood by all responsible staff.