TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

GreyNoise

New Report Reveals Hidden Risks: How Internet-Exposed Systems Threaten Critical Infrastructure

2024-11-21 · Read original ↗

ATT&CK techniques detected

3 predictions
T1190Exploit Public-Facing Application
91%
"new report reveals hidden risks : how internet - exposed systems threaten critical infrastructure critical infrastructure powers the systems we rely on every day — electricity, clean water, transportation. but what happens when these systems are exposed to the internet, left vuln…"
T1190Exploit Public-Facing Application
57%
"all internet - facing systems, especially hmis, and remove unnecessary exposure. - strengthen access controls : implement strong authentication, network segmentation, and vpns to prevent unauthorized access to hmis and remote access points. - monitor for reconnaissance : attacker…"
T1190Exploit Public-Facing Application
52%
"critical systems. - concentration of exposure : north america accounts for 38 % of global ics exposures, with the u. s. hosting over one - third of these systems. real - world examples in the report, such as attacks in pennsylvania and texas, illustrate how attackers used exposed…"

Summary

A new Censys report found 145,000 exposed ICSs and thousands of insecure human-machine interfaces (HMIs), providing attackers with an accessible path to disrupt critical operations. Real-world examples underscore the danger, with Iranian and Russian-backed hackers exploiting HMIs to manipulate water systems in Pennsylvania and Texas. GreyNoise research further highlights the urgency: attackers are actively scanning for HMIs and prioritizing Remote Access Services (RAS) over complex ICS protocols, making these easily accessible entry points prime targets for exploitation.