Group Purchasing
Group Purchasing

New Kind of Critical Infrastructure: Uncovering Vulnerabilities in AI Data Center Equipment

New Kind of Critical Infrastructure: Uncovering Vulnerabilities in AI Data Center Equipment (PDF, 5.23MB)Last updated: 09 Jun, 2026
Presented by:
Amir Zaltzman
Amir Zaltzman

AI is the latest craze that makes the world go round, and to satisfy the demand we are witnessing a desperate gold rush of compute. This has transformed data centers from boring server farms into the critical infrastructure of the modern era, diverting supply chains and packing as much compute to feed the LLM machine. But while companies only care about kilowatt-hours and compute “horse power”, we asked the better question - could hackers cause everything to melt down? In order to keep the AI agents running, a huge amount of power is needed, which obviously generates a lot of heat. So the two issues each data center needs to overcome is keeping all the servers running, and to dissipate the heat generated from it. These two points are exactly what we focused on in our research - can we cause blackouts and shutdown servers inside the data center, and could we attack the cooling ecosystem and cause everything to heat up and malfunction. In this talk we will showcase our research into two types of devices heavily used in data center environments. First, we will showcase our research into the network card of a popular uninterruptible power supply (UPS), how we were able to research and analyze the card without requiring the power supply itself (which cost thousands of dollars and takes a whole room) or a public datasheet, using pin analysis and “hotwiring” it to boot. Next, we will showcase a vulnerability chain we discovered on the device allowing attackers to take control over the entire UPS system and shut down servers remotely - causing disruptions. Finally, we will showcase vulnerabilities we discovered in a popular cooling system controller which orchestrates the entire cooling ecosystem, from chillers and compressors to HVACs. By attacking this controller it is possible to take down the entire system and cause proper meltdowns to the entire data center.

SANS ICS Security Summit 2026