'A single cyber incident can lead to physical disruption, create safety hazards, or cause catastrophic downtime': Hackers target data center
equipment, including critical power devices, in latest push to disrupt communities
Date:
Wed, 17 Jun 2026 21:05:00 +0000
Cybersecurity researchers found vulnerabilities in power and cooling systems inside data centers that could allow attackers to disrupt physical infrastructure operations -- Modern data
centers face a growing threat from cybercriminals who now target physical infrastructure components rather than just software systems, as attackers
know compromising a single power device or climate control unit could trigger massive operational failures across entire computing facilities.
The financial stakes are extraordinarily high because downtime in these facilities often costs hundreds of thousands of dollars per hour. Recent research from Claroty's Team82 has now uncovered severe vulnerabilities in
two essential categories of data center equipment widely deployed across
major facilities, raising concerns for users everywhere.
The first set of problems affects Vertiv's Uninterruptible Power
Supply (UPS) network cards, which maintain stable electricity during grid fluctuations or blackouts.
Any successful exploit of these flaws could effectively shut down every
server and router depending on that power protection system.
The second discovery involves deeply buried weaknesses within Trane Tracer
SC+ HVAC controllers that regulate temperatures in server rooms.
An attacker exploiting these issues could execute unauthenticated remote code and gain complete control over a building's environmental management systems without any prior access credentials.
Standard protections such as antivirus software may not fully cover these systems because they directly control physical infrastructure rather than
just data.
This creates a risk where malware or targeted attacks could affect both
digital services and the physical environment supporting them.
Data centers must make a fundamental shift in how they redefine their cyber
and operational resilience goals, given that a single cyber incident can lead to physical disruption, create safety hazards, or cause catastrophic
downtime, said Amir Preminger, CTO of Claroty and head of Team82.
Our research shows that the risk to data center stability is very real and
very present. Data center operators must move quickly to treat CPS protection as a business imperative to drive risk reduction and maintain operational uptime.
Preminger also noted that increasing demand from cloud computing and AI is making these systems more critical than ever before.
The vulnerabilities were disclosed to manufacturers Trane and Vertiv, who worked with researchers to fix the issues before public release. Data center operators need to act fast The world now depends heavily on AI workloads running exclusively inside data centers that governments and industry increasingly treat as critical infrastructure.
Threat actors are simultaneously deploying AI-enabled attacks while targeting physical systems that sit outside traditional security perimeters.
A compromised UPS device cannot be fixed by rebooting a server because the power path itself becomes the attack surface.
Similarly, a weaponized HVAC controller could trigger automatic shutdowns across entire server rooms to prevent permanent hardware destruction.
Every data center operator must recognize that cyber-physical convergence
means a single intrusion can cross from digital to physical domains almost instantly.
Securing power equipment and climate control panels against remote code execution is now just as critical as protecting customer databases.
No security team can afford to treat power gear and HVAC panels as secondary concerns behind firewalls and encryption protocols.
Link to news story:
https://www.techradar.com/pro/security/a-single-cyber-incident-can-lead-to-phy sical-disruption-create-safety-hazards-or-cause-catastrophic-downtime-hackers- target-data-center-equipment-including-critical-power-devices-in-latest-push-t o-disrupt-communities
$$
--- SBBSecho 3.28-Linux
* Origin: Capitol City Online (1:2320/107)