Researchers discovered that many ICS panels for both public and private Critical infrastructure in the US are still unprotected that open’s a gate to hackers to exploit the infrastructure and gain access.
Companies in different sectors have begun to use new technology tools, among which the Internet of Things (IoT) stands out. This innovation allows connecting hundreds of devices in a single network; therefore, they are becoming popular in companies.
But, apart from this, there still may be problems in computer security. According to a report, the usage of IoT based devices and technologies on business platforms has increased by 61 percent without taking security risks into account.
The study simply demonstrates the high growth in almost all industries, mainly in the hotel sector, with 63 percent, followed by the financial sector with 60 percent and the medical care sector with 56 percent.
If the intention of working with the IoT devices is to obtain its great benefits, it is important to make a considerable effort, and at the same time, demand a better experience from business processes in order to guarantee a better operation.
In 2019, the business sector started with the boom of increasing the use of IoT applications with the intention of benefiting companies by saving money, generating new sources of income and better efficiency in production processes, but this has increased the cyberattacks by 28 percent, especially on connected devices, thus revealing the processes linked to this technology.
But, apart from this, hackers can also exploit this niche simply to target and remotely seize control of a wide range of critical public and private infrastructure.
Moreover, the maximum number of these potential targets are run by the ICS (Industrial Control Systems) that were generally designed without security in mind against potential cyberattacks, and for these reasons, they are extremely vulnerable.
According to the security reports, Thus, this type of lucrative situation could easily attract cyber attackers to initiate cyberwarfare campaigns and simply cause severe damage to the private and public properties in the US.
What Security Researcher Have Discovered
- Using the search engines that are dedicated to scanning all open ports, the hackers can remotely take control of critical unprotected private and public US infrastructures.
- Unprotected ICS (Industrial Control Systems) access points mostly include the energy and water industries.
- The most fascinating thing is that all these systems could be easily accessed by anyone with no passwords at all.
We have already told earlier that unprotected ICS (Industrial Control Systems) includes the energy and water industries, like Onshore oil wells, Coastal oil wells, Public water distribution systems, Public water treatment facilities, and Public sewer pump stations.
Onshore Oil Wells
Researchers said that an unprotected offshore oil well control systems gave a single access point to as many as five coastal oil wells. This is incredibly dangerous, as offshore oil rigs are particularly vulnerable to attacks “as they shift to unmanned robot platforms where vital operations […] are controlled via wireless links to onshore facilities.”
Public water treatment facilities
Researchers found an unprotected public water distribution system that would allow us to shut off the water supply for more than 600 people, causing a targeted water outage for an entire town that threat actors could potentially synchronize with arson attacks.
A public sewer pump station
Importance of The Discovery
Anyone having a specific skill set and special interest on this subject can easily hack these critically unprotected US infrastructures.
Now many of you might be wondering that what abilities do hackers will get if manage to hack? The attackers will simply get abilities to silent the alarms on oil wells, infect the water supply simply by shutting down the disinfectant production, cause wide water outages.
Ultimately these types of attacks will simply affect the huge number of peoples physically. Apart from all these things, the most shocking report is that most of the US-based institutions and companies are well conscious of these types of ever-growing security threats. But, still, all these companies and institutions think there is no urgent need for security systems to mitigate such attacks.
So, what do you think about this? Simply share all your views and thoughts in the comment section below.
Also Read: Top Cyber Security Trends Expected In 2020