The study, by the cybersecurity firm Bitsight, found exposed organisations in 96 countries, including several Fortune 1000 organisations. It investigated systems communicating via common ICS protocols including Modbus, EtherNet/IP, BACnet, Codesys and S7.
Although there has been a steady decline in the number of Internet-facing ICSs since 2019, Bitsight warns that there remains a significant risk to organisations and their partners.
“This research shows that while the number of exposed ICSs is trending downwards, the overall threat level remains too high,” comments Bitsight chief risk officer, Derek Vadala. “An attack on just one ICS device could be a potentially catastrophic event that could have far-reaching consequences.”
Bitsight is urging ICS users to implement these measures as a matter of urgency:
• Identify any ICSs deployed by your organisation and/or business partners and assess the security of these systems.
• Remove any exposed ICSs from the public Internet.
• Use safeguards such as firewalls to protect against unauthorised access to your ICSs.

The number of ICSs exposed to the Internet has dropped from around 135,000 in 2019 to fewer than 110,000 now. Source: Bitsight
It is also calling on ICS manufacturers to improve the cybersecurity of their systems. Bitsight recommends that they:
• Use secure-by-design principles.
• Improve the security posture of deployed equipment and machinery using data and insights.
• Build programs to detect misconfigured or otherwise exposed systems.