A recent report highlighted by HackRead reveals that more than 180,000 industrial control systems (ICS) and operational technology (OT) devices are currently accessible from the public internet, significantly increasing the risk of cyberattacks with potentially serious physical consequences.
The cybersecurity firm Bitsight, whose findings are summarized in the HackRead article, warns that the number of exposed ICS/OT devices increased by more than 10% during 2024. The monthly count of publicly accessible systems rose from around 160,000 to over 180,000, with projections indicating this figure could exceed 200,000 within the next year if the trend persists.
These devices are integral to managing physical processes such as power grids, water treatment facilities, and manufacturing operations. Unlike traditional data systems, attacks on ICS/OT environments can directly threaten public safety, potentially causing equipment failures, power outages, or environmental hazards.
Many of these systems still run with factory default settings and use industrial protocols such as Modbus and S7, many of which contain well-known vulnerabilities. Recent incidents include critical flaws such as command injection vulnerabilities in OT routers, which could allow attackers to take full control of affected devices. Nearly 30% of known vulnerabilities in these systems have no available patch or update.
The compromised infrastructure includes vital systems like water and wastewater management, fuel distribution, and building controls—highlighting the urgent need for increased security measures.
Research in 2024 identified new malware strains—FrostyGoop and Fuxnet—designed to target and disable industrial devices and protocols. The exposure is uneven worldwide, with the United States hosting the highest number of publicly accessible systems (around 80,000), while countries like Italy and Spain face higher relative risks based on their industrial landscape.
The report emphasizes that this widespread exposure is critical, urging device manufacturers, internet service providers, and operators to take immediate steps. These include removing unnecessary public access, implementing continuous network monitoring, and applying secure configurations from the start to mitigate physical and cyber risks.
As critical infrastructure modernizes, addressing legacy vulnerabilities and minimizing exposed services are essential to safeguarding public safety and maintaining operational integrity.
For the full report and detailed recommendations, see HackRead's post on the report.