- Growing exposure of industrial systems puts critical services and infrastructure at real risk
- AI helps both defenders and attackers speed up the discovery and exploitation of vulnerabilities
- Convenience-driven decisions leave critical devices online and create unforgivable risk
A new report has warned that, after years of improvement, the number of industrial systems directly reachable from the internet is growing again.
Research from Bitsight claims that the number of exposed units grew from 160,000 to 180,000 by 2024, a leap of 12%.
If things continue as they have been, the total number of units is expected to exceed 200,000 by the end of 2025.
Worst case
A large number of these systems, which include water treatment controllers, building automation equipment and thousands of automatic tank measurement systems without approval, carry documented deficiencies, including CVSS 10.0 vulnerabilities that are easy for attackers to exploit.
Head research scientist Pedro Umbelino warns that, at worst, external attackers could cut off fuel access or change security settings.
New installations began to appear online in 2024 without basic security in place, coinciding with a rise in malware designed to target industrial systems, such as FrostyGoop and Fuxnet.
Italy and Spain had the highest exposure rates when measured per year, business and population, while the United States had the largest number overall.
When he talked about the report’s findings, Umbelino told us that AI has become “a multiplier on both sides.”
He explained that Bitsight uses machine learning to process internet-scale scanning data and detect deviations, while LLMs are now helping analysts to speed up tasks such as parsing degradation output.
At the same time, however, AI lowers the cost for attackers, making it easier for them to find targets and build malware.
“You don’t need a GPU yard when devices are already an incorrectly configured router away from the public web,” he told us.
On the question of whether exposure is the result of negligence or conscious choice, Umbelino pointed to both.
“I think exposure often happens due to basic supervision,” he said, adding that many cases come down to convenience: “Remote access is easier, cheaper and more convenient. Integrators want quick installations. Operators want less friction. Suppliers want everything connected.”
“When these choices are stacking up,” he said, “the result is unacceptable systemic risk, whether someone meant it or not. Therefore, I refer to this exposure as unforgivable. Because it seems it is not if a catastrophic disaster will happen, but when.”
The report encourages operators to remove public access, require stronger default settings from suppliers and engage service providers as partners in surveillance.
These systems, the report warns, “run more than plants and pumps: they run confidence.”



