Thousands of industrial systems, including power grids and traffic lights, found exposed online

A white padlock on a dark digital background.
(Image credit: Shutterstock.com)

Hundreds of thousands of industrial control systems (ICS) are connected to the public internet and accessible to hackers, researchers have claimed.

Hackers can then test these endpoints for different vulnerabilities, and if they find any - exploit them for significant gain (financial or otherwise). 

This is according to a new report from BitSight, which after running mass-scale scans through the overall IP address space, was able to identify the systems running on each one, determing that some 100,000 sensors, actuators, switches, building management systems, and automatic tank gauges (among others), were all internet-connected and ready to be tampered with. 

History of attacks

Some of these endpoints belong to Fortune 1000 companies, located in almost 100 countries around the world. The largest percentages of the devices were found in the United States, Canada, and Italy, with the UK, France, Netherlands, Germany, Spain, Poland, and Sweden, rounding out the top 10. 

Firms in education, technology, government, and business services industries, were deemed least secure, followed by manufacturing, utilities, real estate, energy, hospitality, and finance.

Hackers potentially using these devices for hacks is far from being speculative or theoretical - there have been countless examples throughout the years of threat actors - even state-sponsored ones - doing just that. Even last year, the US government was warning critical infrastructure organizations in the US that they were being targeted with custom-built malware, designed specifically for the hardware they use.

In that particular instance, hackers were targeting Schneider Electric programmable logic controllers (PLCs), OMRON Sysmac NEX PLCs, and Open Platform Communications Unified Architecture (OPC UA) servers with malware.

Further in history, back in 2018, The FBI was warning US private sector companies about an ongoing hacking campaign targeting supply chain software providers. "Software supply chain companies are believed to be targeted in order to gain access to the victim's strategic partners and/or customers, including entities supporting Industrial Control Systems (ICS) for global energy generation, transmission, and distribution."

Via BleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.