ICS/OT Threat Awareness – Censys Researchers Reveal Over 40,000 Vulnerable ICS Devices, Many Linked to Water and Wastewater

Research conducted by Censys, an internet intelligence platform, provides an extensive analysis of the exposure of industrial control systems (ICS), discovering over 40,000 vulnerable ICS devices in the U.S. alone. Excluding building control and automation protocols, there are approximately 18,000 exposed devices likely controlling critical industrial systems. Additionally, nearly half of the human-machine interfaces (HMIs) associated with water and wastewater systems were found to be vulnerable to manipulation without requiring any authentication. The analysis highlights significant security gaps in these systems, emphasizing the need for improved protection and awareness, especially in light of recent cyberattacks targeting critical infrastructure. WaterISAC urges utilities to protect their systems by following the guidance previously provided by CISA and other federal partners – Top Cyber Actions for Securing Water Systems – which includes actionable items that all utilities should take. Full article

Research conducted by Censys, an internet intelligence platform, provides an extensive analysis of the exposure of industrial control systems (ICS), discovering over 40,000 vulnerable ICS devices in the U.S. alone. Excluding building control and automation protocols, there are approximately 18,000 exposed devices likely controlling critical industrial systems. Additionally, nearly half of the human-machine interfaces (HMIs) associated with water and wastewater systems were found to be vulnerable to manipulation without requiring any authentication. The analysis highlights significant security gaps in these systems, emphasizing the need for improved protection and awareness, especially in light of recent cyberattacks targeting critical infrastructure. WaterISAC urges utilities to protect their systems by following the guidance previously provided by CISA and other federal partners – Top Cyber Actions for Securing Water Systems – which includes actionable items that all utilities should take. Full article