Tags: vulnerability, critical, Critical Infrastructure Attack, ICS Exposure, Iranian-backed hackers, Russian-backed hackers

Nov 21, 2024 • GreyNoise Blog

New Report Reveals Hidden Risks: How Internet-Exposed Systems Threaten Critical Infrastructure


Source: GreyNoise Blog
Category: vulnerability
Severity: critical

Executive Summary

A recent Censys report highlights significant risks to critical infrastructure, identifying 145,000 exposed Industrial Control Systems (ICS) and thousands of insecure Human-Machine Interfaces (HMIs). These vulnerabilities offer attackers direct pathways to disrupt essential operations. Real-world incidents involve Iranian- and Russian-backed hackers exploiting HMIs to manipulate water systems in Pennsylvania and Texas. GreyNoise research corroborates this threat, noting active scanning for HMIs with a focus on Remote Access Services (RAS) rather than complex ICS protocols. This prioritization makes RAS a prime entry point for exploitation. Organizations must urgently secure internet-exposed systems to prevent unauthorized access and potential operational disruption. Comprehensive mitigation strategies should focus on reducing attack surfaces, securing remote access pathways, and monitoring for scanning activity targeting industrial interfaces to protect critical national infrastructure from state-sponsored exploitation attempts.

Summary

A new Censys report found 145,000 exposed ICSs and thousands of insecure human-machine interfaces (HMIs), providing attackers with an accessible path to disrupt critical operations. Real-world examples underscore the danger, with Iranian- and Russian-backed hackers exploiting HMIs to manipulate water systems in Pennsylvania and Texas. GreyNoise research further highlights the urgency: attackers are actively scanning for HMIs and prioritizing Remote Access Services (RAS) over complex ICS protocols, making these easily accessible entry points prime targets for exploitation.


Linked Entities

  • Iranian-backed hackers
  • Russian-backed hackers