Thousands of industrial control systems (ICS) in the USA and the UK are vulnerable to cyber attacks. Critical infrastructure, such as the water supply, is also affected.
A new report from cybersecurity firm Censys reveals the alarming vulnerabilities of Industrial Control Systems (ICS), both in the United States and the United Kingdom. The findings are part of Censys’ State of the Internet 2024 report and show how easy it would be for cybercriminals or terrorists to attack and disrupt vital services such as water supply and power generation.
The report shows that over 40,000 ICS devices in the US are connected to the public internet. Even more concerning is that 18,000 of these devices are directly involved in managing industrial systems, making them lucrative targets for cybercriminals. The only exception is devices connected to building control protocols.
In comparison, there are around 1,500 exposed control systems in the UK and a further 1,700 publicly accessible HTTP devices connected to 26 different Operational Technology (OT) providers. Many of these devices are suspected to still be using the default credentials, opening the door to attackers.
According to the report, the situation is particularly worrying for water and wastewater systems. Almost half of the interfaces connected to these systems, which serve as an interface between humans and machines, were found to be manipulable without any authentication, making them easy prey for cyber criminals.
In their comments, the security researchers also draw attention to the difficulties in notifying operators or owners of compromised devices. As many of them are hosted on mobile networks or by commercial internet providers such as Verizon and Comcast in the USA, it is impossible to identify the organization or industry responsible.
Attacks on companies and operators of critical infrastructure are becoming increasingly common. It was only in April that foreign hackers disrupted the water supply in Texas. The report clearly shows that the cases to date have not yet led to a rethink among those responsible. This makes it all the more important to take action now and raise awareness of the threat and give increased priority to securing critical infrastructure. This also requires improved cooperation between operators and device manufacturers, as the security of critical infrastructures can only be improved if everyone involved pulls together.
(vp/8com)