- The growing exposure of industrial systems puts services and critical infrastructure at real risk
- AI helps defenders and attackers accelerate the discovery and exploitation of vulnerabilities
- Convenience -oriented decisions leave online critical devices creating an unforgivable risk
A new report warned that after years of improvement, the number of industrial systems directly accessible on the Internet increases again.
Bitsight research claim that the number of devices exposed in 2024 has increased from 160,000 to 180,000, a leap of 12%.
If things continue as they were, the total number of risk devices should exceed 200,000 at the end of 2025.
Worse scenario
A large number of these systems, which include water treatment controllers, automation equipment for buildings and thousands of automatic tanning systems without authentication, carry documented defects, including CVSS 10.0 vulnerabilities which are easy to exploit for attackers.
In the worst case, the main researcher Pedro Umbelino warns that the attackers could cut fuel access from a distance or modify the security settings.
New installations began to appear online in 2024 without the basic security in place, coinciding with the rise of malware – such as Frostygoop and Fuxnet – designed to target industrial systems.
Italy and Spain had the highest exposure rates when measured by company and population, while the United States had the greatest number overall.
Speaking of the conclusions of the report, Umbelino told us that AI had become “a multiplier on both sides”.
He explained that Bitsight uses automatic learning to process scanning data on the Internet scale and detect anomalies, while LLM now help analysts to speed up tasks such as analysis of the decomplulator output.
At the same time, however, AI reduces the cost of attackers, which allows them to find targets more easily and create malicious software.
“You don’t need a GPU farm when the aircraft are already in an erroneous public router,” he told us.
When asked if exposure is the result of negligence or deliberate choice, Umbelino stressed the two.
“I believe that exposure often occurs because of basic surveillance,” he said, adding that many cases are summed up in convenience: “Remote access is easier, cheaper and more practical. Integrators want fast installations. The operators want less friction. Suppliers want everything to be connected.”
“When these choices accumulate,” he said, “the result is an unacceptable systemic risk that someone wanted it or not. This is why I refer to this exhibition as unforgivable. Because it seems to me that it is not if a catastrophic catastrophe will occur, but when.”
The report, to which you can access here, urges operators to delete public access, require stronger defects in suppliers and to initiate service providers as partners in surveillance.
These systems, prevents the report: “Run more than plants and pumps: they trust”.
You might also love
Follow Techradar on Google News And Add us as a favorite source To get our news, criticisms and expert opinions in your flows. Be sure to click on the follow!
And of course, you can also Follow Techradar on Tiktok For news, criticism, unpacking in video form and obtain regular updates to us on Whatsapp Also.
