InfoSecBulletin Cybersecurity for mankind
A study by Censys found that more than 145,000 Industrial Control Systems (ICS) are exposed online in 175 countries, highlighting a significant security risk.
The findings are alarming for the United States, which has over one-third of global exposures (48,000 systems). This shows a pressing need for improved cybersecurity in critical infrastructure. Other countries with significant ICS exposures include Turkey, South Korea, Italy, Canada, and Spain.
Hackers Exploits RCE flaw in Cisco Small Business Router
CISA Alerts For Active Exploited Zimbra and Microsoft flaw
200 Fake GitHub Repos Attacking Developers to Deliver Malware
Renew Dubai visa within minutes with AI-powered Salama
CVE-2024-20953
CISA Flags Oracle Agile PLM Actively Exploited Security Flaw
Stablecoin Bank Hacked – Hackers Stolen $49.5M
CVE-2025-20029
PoC Exploit Released for F5 BIG-IP Command Injection Vuln
By 1 April 2025
Australia Bans Kaspersky on its govt systems and devices
CISA Flags Craft CMS Code Injection Flaw Amid Active Attacks
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Regional data highlights the global nature of the problem, with 38% of exposed ICS devices in North America, 35.4% in Europe, and 22.9% in Asia, along with smaller percentages in Oceania, South America, and Africa. This shows that the issue crosses borders and needs a coordinated response from industries and governments.
The research identified several vulnerable protocols in ICS environments, including Modbus, IEC 60870-5-104, CODESYS, and OPC UA. Each protocol can serve as an entry point for attackers, highlighting the need for strong cybersecurity measures.
Regional trends show specific vulnerabilities. In Europe, protocols like Modbus, S7, and IEC 60870-5-104 are common, while North America relies on Fox, BACnet, ATG, and C-more. Protocols such as EIP, FINS, and WDBRPC are used in both regions, indicating a need for shared security solutions.
The consequences of these exposures are serious. ICS devices are essential for critical infrastructure like power grids, water systems, and manufacturing facilities. When inadequately protected online, they risk facing data breaches, operational disruptions, and physical damage.
The differences in exposure across regions highlight the need for specific security approaches. While global cooperation is important, each area’s unique protocols and usage require customized solutions to effectively tackle local risks.
The growing complexity of ICS environments, coupled with the adoption of IIoT technologies, is increasing the potential for attacks. This highlights the urgent need for proactive security measures in industrial systems.
The findings emphasize the urgent need for industries and policymakers to enhance ICS network security to safeguard national economies and public safety.
In summary, the discovery of over 145,000 vulnerable ICS systems worldwide poses a significant challenge in today’s digital age. By recognizing these vulnerabilities, stakeholders can collaborate to strengthen vital infrastructure against cyber threats.
Censys’s study highlights current ICS vulnerabilities and urges industries to implement stricter security measures to protect critical infrastructure.
The Censys study highlights the importance of improving security measures in industries that rely on ICS. The future of critical infrastructure relies on this.
