A recent study conducted by cybersecurity management and monitoring leader Bitsight has shed light on the vulnerability of industrial control systems (ICSs) to cybercriminals. These systems [1] [3] [5], which are responsible for managing complex industrial processes and critical infrastructures, are owned by organizations in 96 countries [4], including Fortune 1000 companies [2] [3] [4].


The study reveals that there are nearly 100,000 ICSs that are exposed to the public internet. Among the sectors with the highest concentration of exposed ICSs are education [4], technology [2] [3] [4], government [2] [3] [4], and business services [2] [3] [4]. While there has been a decrease in the number of internet-facing ICSs over the years [2] [4], the overall threat level remains high [2] [4]. Breaches in ICS can have significant disruptive effects and impact a large number of users [1].

Bitsight emphasizes the crucial role of ICSs in preventing disruptions and highlights the catastrophic consequences that could result from an attack on just one ICS device [4]. It is essential for organizations to take steps to secure their ICSs, and manufacturers of ICSs are urged to enhance the cybersecurity of their devices [4]. The goal of ICS security is to protect these systems from both accidental and planned risks [1].


The findings of this study underscore the importance of addressing the vulnerabilities in industrial control systems. The potential impacts of breaches in ICSs are significant, with the potential to cause widespread disruptions. It is imperative for organizations to prioritize the security of their ICSs and for manufacturers to enhance the cybersecurity measures of their devices. Looking ahead, it is crucial to continue investing in ICS security to mitigate risks and safeguard critical infrastructures.


[1] https://www.cybersecurity-automation.com/what-is-industrial-control-systems-cyber-security/
[2] https://www.morningstar.com/news/pr-newswire/20231002ne26113/bitsight-identifies-nearly-100000-industrial-control-systems-exposed-to-the-public-internet
[3] https://www.prnewswire.com/news-releases/bitsight-identifie-pres-de-100-000-systemes-de-controle-industriels-exposes-publiquement-sur-internet-301944630.html
[4] https://www.informazione.it/c/17A49F22-D76F-4095-A8BB-FB52F616FB30/Bitsight-Identifies-Nearly-100-000-Industrial-Control-Systems-Exposed-to-the-Public-Internet
[5] https://www.infosecurity-magazine.com/news/industrial-control-systems-exposed/