InfoSecBulletin Cybersecurity for mankind
A study by Censys found that more than 145,000 Industrial Control Systems (ICS) are exposed online in 175 countries, highlighting a significant security risk.
The findings are alarming for the United States, which has over one-third of global exposures (48,000 systems). This shows a pressing need for improved cybersecurity in critical infrastructure. Other countries with significant ICS exposures include Turkey, South Korea, Italy, Canada, and Spain.
Over 145,000 ICS Across 175 Countries Found Exposed Online
World to see AI powered “human washing machines”
Hacker compromised over 2000 Palo Alto Networks Firewalls
“Forces Penpals” exposed US and UK Military Social Network’s 1 Million Records
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
Regional data highlights the global nature of the problem, with 38% of exposed ICS devices in North America, 35.4% in Europe, and 22.9% in Asia, along with smaller percentages in Oceania, South America, and Africa. This shows that the issue crosses borders and needs a coordinated response from industries and governments.
The research identified several vulnerable protocols in ICS environments, including Modbus, IEC 60870-5-104, CODESYS, and OPC UA. Each protocol can serve as an entry point for attackers, highlighting the need for strong cybersecurity measures.
Regional trends show specific vulnerabilities. In Europe, protocols like Modbus, S7, and IEC 60870-5-104 are common, while North America relies on Fox, BACnet, ATG, and C-more. Protocols such as EIP, FINS, and WDBRPC are used in both regions, indicating a need for shared security solutions.
The consequences of these exposures are serious. ICS devices are essential for critical infrastructure like power grids, water systems, and manufacturing facilities. When inadequately protected online, they risk facing data breaches, operational disruptions, and physical damage.
The differences in exposure across regions highlight the need for specific security approaches. While global cooperation is important, each area’s unique protocols and usage require customized solutions to effectively tackle local risks.
The growing complexity of ICS environments, coupled with the adoption of IIoT technologies, is increasing the potential for attacks. This highlights the urgent need for proactive security measures in industrial systems.
The findings emphasize the urgent need for industries and policymakers to enhance ICS network security to safeguard national economies and public safety.
In summary, the discovery of over 145,000 vulnerable ICS systems worldwide poses a significant challenge in today’s digital age. By recognizing these vulnerabilities, stakeholders can collaborate to strengthen vital infrastructure against cyber threats.
Censys’s study highlights current ICS vulnerabilities and urges industries to implement stricter security measures to protect critical infrastructure.
The Censys study highlights the importance of improving security measures in industries that rely on ICS. The future of critical infrastructure relies on this.
