InfoSecBulletin Cybersecurity for mankind
A study by Censys found that more than 145,000 Industrial Control Systems (ICS) are exposed online in 175 countries, highlighting a significant security risk.
The findings are alarming for the United States, which has over one-third of global exposures (48,000 systems). This shows a pressing need for improved cybersecurity in critical infrastructure. Other countries with significant ICS exposures include Turkey, South Korea, Italy, Canada, and Spain.
FBI investigating cyberattack at Oracle, Bloomberg News reports
OpenAI Offering $100K Bounties for Critical Vulns
Splunk Alert User RCE and Data Leak Vulns
CIRT alert Situational Awareness for Eid Holidays
Cyberattack on Malaysian airports: PM rejected $10 million ransom
Micropatches released for Windows zero-day leaking NTLM hashes
VMware Patches Authentication Bypass Flaw in Windows Tool
IngressNightmare
Over 40% of cloud environments are vulnerable to RCE
(CVE-2025-29927)
Urgently Patch Your Next.js for Authorization Bypass
Oracle refutes breach after hacker claims 6 million data theft
Regional data highlights the global nature of the problem, with 38% of exposed ICS devices in North America, 35.4% in Europe, and 22.9% in Asia, along with smaller percentages in Oceania, South America, and Africa. This shows that the issue crosses borders and needs a coordinated response from industries and governments.
The research identified several vulnerable protocols in ICS environments, including Modbus, IEC 60870-5-104, CODESYS, and OPC UA. Each protocol can serve as an entry point for attackers, highlighting the need for strong cybersecurity measures.
Regional trends show specific vulnerabilities. In Europe, protocols like Modbus, S7, and IEC 60870-5-104 are common, while North America relies on Fox, BACnet, ATG, and C-more. Protocols such as EIP, FINS, and WDBRPC are used in both regions, indicating a need for shared security solutions.
The consequences of these exposures are serious. ICS devices are essential for critical infrastructure like power grids, water systems, and manufacturing facilities. When inadequately protected online, they risk facing data breaches, operational disruptions, and physical damage.
The differences in exposure across regions highlight the need for specific security approaches. While global cooperation is important, each area’s unique protocols and usage require customized solutions to effectively tackle local risks.
The growing complexity of ICS environments, coupled with the adoption of IIoT technologies, is increasing the potential for attacks. This highlights the urgent need for proactive security measures in industrial systems.
The findings emphasize the urgent need for industries and policymakers to enhance ICS network security to safeguard national economies and public safety.
In summary, the discovery of over 145,000 vulnerable ICS systems worldwide poses a significant challenge in today’s digital age. By recognizing these vulnerabilities, stakeholders can collaborate to strengthen vital infrastructure against cyber threats.
Censys’s study highlights current ICS vulnerabilities and urges industries to implement stricter security measures to protect critical infrastructure.
The Censys study highlights the importance of improving security measures in industries that rely on ICS. The future of critical infrastructure relies on this.
