Censys Launches Part One of the 2024 State of the Internet Report: Industrial Control Systems

The report dives into exposed Industrial Control Systems (ICS) devices around the world and how Water and Wastewater Systems (WWS) can be easily manipulated without authentication

ANN ARBOR, Mich., Aug. 7, 2024 /PRNewswire/ — Today, Censys, who provides the leading Internet Intelligence Platform for Threat Hunting and Attack Surface Management, published the first part of its annual State of the Internet Report focusing on exposed Industrial Control Systems (ICS) in the United States (U.S.) and the United Kingdom (U.K.).

Recent attacks highlight how critical infrastructure systems can be easily manipulated by threat actors. Since 2023, the security industry witnessed several attacks from the Iranian Revolutionary Guard Corps-affiliated CyberAv3ngers, who defaced Israeli-manufactured Unitronics devices, and Cyber Army of Russia Reborn who overflowed several water tanks in Texas by manipulating Internet-exposed human-machine interfaces (HMIs).

Censys’ comprehensive internet visibility enabled us to identify significant ICS exposures in the U.S. and U.K., including:

  • More than 40,000 internet-connected ICS devices in the U.S.
    • Excluding known building control protocols, Censys found 18,000 exposed devices that are more likely to control industrial systems
  • Nearly 50% of the HMIs associated with water and wastewater systems (WWS) identified could be manipulated without any authentication required
  • Approximately 1,500 control systems were identified in the U.K. as exposed on the public internet, as discovered through scans of 18 automation protocols
  • In the U.K., Censys identified roughly 1,700 publicly accessible HTTP devices associated with 26 operational technology (OT) vendors; many likely support default credentials
    • Over 80% of administration interfaces discovered are for building controls
  • Over half of the hosts that are running low-level automation protocols are concentrated in cellular networks and commercial internet service providers (ISPs), including Verizon and Comcast, making notifications to owners of these devices impossible in many cases

“It is imperative that we shed light on the exposure of ICS as they are essential to our critical infrastructure across the globe. The goal for our research was to not only discover the exposed devices, but to notify device owners of their improper exposure,” said Brad Brooks, CEO of Censys. “Censys’ comprehensive data set, predictive scan engine, and most up-to-date map of the internet gives us the unique opportunity to see beyond what other vendors in the attack surface management space can. This visibility is why the U.S. government trusts Censys to provide them with the information and solutions needed to protect critical infrastructure across the country.”

Censys takes pride in ensuring that the cybersecurity community has visibility into the most pressing security issues, including control system exposure. To provide users with additional resources and information, Censys recently launched its Community Forum, an online platform where security professionals can discuss topics focused on threat hunting and attack surface management.

Part one of the 2024 State of the Internet Report: Industrial Control System report is available here: https://censys.com/research-report-internet-connected-industrial-control-systems-part-one

About Censys

Censys, Inc.™ is the leading Internet Intelligence Platform for Threat Hunting and Attack Surface Management. Founded in 2017 in Ann Arbor, Michigan, Censys provides organizations with the most comprehensive real-time view of Internet infrastructure. Customers like Google, Cisco, Microsoft, Samsung, Swiss Armed Forces, the U.S. Department of Homeland Security, Cybersecurity & Infrastructure Security Agency, and over 50% of the Fortune 500 rely on Censys for a real-time, contextualized view into their internet and cloud assets. At Censys, you can be yourself. We like it that way. Diversity fuels our mission, and we are committed to inclusion across race, gender, age and identity. To learn more, visit censys.com and follow Censys on Twitter, Mastodon and LinkedIn.

SOURCE Censys


Go to Source