Overview

The global buildout of AI training and inference infrastructure has made data centers a critical OT environment — one that receives significantly less security scrutiny than traditional industrial facilities. A hyperscale data center supporting AI workloads operates at 100–500MW of electrical load, runs cooling systems that must maintain millisecond response times to protect compute hardware, and depends on Electrical Power Management Systems (EPMS) that route power across multiple redundant paths. The OT components that control these systems — Building Management Systems (BMS), cooling plant controllers, UPS management platforms, and power distribution units — share the same characteristics that make industrial OT insecure: legacy hardware, infrequently patched firmware, proprietary protocols, and operational cultures that prioritise uptime over security.

This briefing covers the OT attack surface in data center environments and the mitigations appropriate for this sector.

The OT Footprint in Data Centers

Modern large-scale data centers contain an OT infrastructure that is comparable in complexity to a mid-size industrial facility:

Building Management Systems (BMS): Central SCADA-like platforms that monitor and control HVAC, fire suppression, access control, and environmental sensors. Commonly built on Niagara Framework (Tridium), Siemens Desigo CC, or Honeywell EBI. BMS platforms aggregate data from hundreds of field devices via BACnet, Modbus, and LonWorks protocols.

Electrical Power Management Systems (EPMS): Monitor and control power distribution from utility feed through transformers, switchgear, UPS systems, PDUs (power distribution units), and breakers to individual rack feeds. EPMS platforms (Schneider Electric EcoStruxure Power, Eaton Brightlayer, ABB Ability) operate over Modbus and SNMP with web-based management interfaces.

Cooling Infrastructure Controllers: Precision cooling in data centers uses Computer Room Air Conditioning (CRAC) and Computer Room Air Handler (CRAH) units controlled by embedded PLCs and management interfaces. In larger facilities, chilled water plant controllers (chillers, cooling towers, pumps) are managed by dedicated building automation platforms that communicate with the broader BMS.

UPS Management Systems: Uninterruptible power supply systems in data centers have their own network-accessible management cards. UPS network management cards (Schneider Electric APC, Eaton, Vertiv) are often internet-accessible for remote monitoring, are frequently unpatched, and in several cases have known exploitable vulnerabilities (the Schneider APC critical CVEs published in 2022–2023 remained unpatched in a substantial fraction of installations two years after disclosure).

Vulnerability and Exposure Landscape

Niagara Framework (Tridium JACE)

Niagara is the dominant BMS platform in commercial and data center environments. It’s based on Java, runs on embedded JACE controllers and server-class N4 software, and exposes a web-based Fox protocol interface typically on TCP port 4911.

Tridium Niagara has a history of significant vulnerabilities: multiple authentication bypass issues, XXE injection, path traversal flaws, and credential storage weaknesses have been disclosed over its two-decade deployment history. Niagara installations in data centers are often unpatched — updates require HVAC/BMS contractor involvement, create HVAC downtime risk, and fall outside the standard IT patching cycle.

Shodan data consistently shows tens of thousands of internet-exposed Niagara JACE controllers globally. In data center environments, JACE controllers may be on separate management VLANs, but these VLANs are not always isolated from internet-routable paths.

SNMP on EPMS and UPS Management

SNMP v1 and v2c are still widely deployed on EPMS platforms and UPS network management cards. Community strings for SNMP v2c are unauthenticated; with read-write access, an attacker can modify MIB values that control power thresholds and alarm settings. In the context of a UPS, being able to modify battery charge thresholds or initiate a self-test (which briefly transfers to battery) has operational impact.

SNMP enumeration of an EPMS platform provides an attacker with a detailed map of the data center’s power topology: which circuits feed which equipment, current draw on each branch, and alert thresholds that trigger transfer to backup power.

Cooling Plant Vulnerabilities

Cooling is the most operationally sensitive OT system in a data center. A large GPU training cluster at 50–100kW per rack generates heat loads that can damage hardware within minutes of cooling failure. CRAC and CRAH unit controllers, and the chilled water plant PLCs that supply them, are primary targets for adversaries seeking to cause physical damage to compute infrastructure without touching the servers directly.

Chiller plant controllers from major vendors (Carrier, Trane, York/Johnson Controls) run on proprietary embedded platforms that are updated infrequently. The Johnson Controls Metasys BMS platform, for instance, has had multiple critical vulnerabilities disclosed in recent years and is deployed widely across commercial and data center facilities.

Modbus and BACnet Protocol Weaknesses

The field bus protocols used in data center OT environments — Modbus TCP and BACnet/IP — have no authentication mechanisms in their base specifications. Any device on the network that can reach a Modbus-accessible controller can issue read or write commands. BACnet, while it has a security extension (BACnet/SC), is overwhelmingly deployed without it.

In a data center with inadequate OT network segmentation, an attacker who compromises the IT network and finds a routing path to the OT VLAN can issue Modbus coil write commands to CRAC unit controllers or BACnet WriteProperty commands to BMS points — without credentials.

Threat Actor Context

No major nation-state attack on data center OT infrastructure has been publicly attributed as of mid-2026. The primary concerns at present are:

Pre-positioning for future disruption. Groups assessed to be conducting strategic pre-positioning in Western critical infrastructure — including Volt Typhoon — have documented interest in critical facility infrastructure. Data centers supporting AI development and cloud services are an increasingly attractive category.

Ransomware escalation paths. Ransomware affiliates who achieve IT network access in data center operator environments may pivot to OT management networks if segmentation is insufficient. The impact ceiling from OT access — controlled cooling shutdown, EPMS alarm suppression — is higher than from encrypting IT systems alone.

Opportunistic access via internet-exposed management interfaces. Internet-accessible Niagara JACE controllers, UPS network management cards, and EPMS web interfaces are routinely scanned and exploited by opportunistic actors.

Network segmentation. OT systems (BMS, EPMS, cooling plant) must be on network segments without internet routing and without direct adjacency to the corporate IT network. Jump server architecture for OT access, enforced by next-generation firewall policies, is the baseline.

Inventory all internet-exposed OT interfaces. Run Shodan searches against your public IP space for Niagara Fox protocol (TCP 4911), BACnet UDP broadcast, SNMP, and common EPMS web UI ports. Every result that hits your IP space is an incident waiting to happen.

Patch UPS network management cards. These are the most accessible entry point into data center OT environments and the most frequently neglected. Schneider APC, Eaton, and Vertiv all maintain firmware update mechanisms. Establish a quarterly patching cycle for UPS management firmware as a minimum.

Disable SNMP v1/v2c on EPMS and UPS systems where possible. Where legacy protocol support is required, restrict SNMP access by source IP at the network layer. Change community strings from defaults.

Implement OT monitoring. Passive monitoring tools (Claroty, Dragos, Nozomi Networks) that observe BACnet, Modbus, and SNMP traffic can detect anomalous commands — unexpected WriteProperty values, Modbus coil writes from unexpected source addresses, SNMP community string enumeration. This visibility is currently absent in most data center OT environments.

Contractual requirements for BMS/EPMS vendors. Data center operators engage multiple contractors for BMS and EPMS management. Vendor access to OT management networks should be via controlled, logged remote access sessions — not persistent VPN connections or local accounts with shared credentials.

References

Tags
data-centerBMSEPMScoolingOT-securityICSModbusBACnetNiagaraUPSCRACAI-infrastructure2026