By SecureWorld News Team
Wed | Oct 31, 2018 | 8:10 AM PDT

"The barrier for entry to be able to carry out these attacks is dropping all the time."

That's one of the more sobering statements from new research on how exposed and vulnerable infrastructure in the energy and water sectors has become.

Trend Micro's TrendLabs team found that the IIoT, or Industrial Internet of Things, has increased vulnerabilities, especially at the Human Machine Interface (HMI).

Using Shodan, an IoT search engine that anyone can use simply by signing up, researchers discovered publicly exposed monitoring and control interfaces.

These exposed interfaces give anyone the power to change what energy producers or water users are doing, how things are mixed, or even the ability to shut a process down.

Oil and gas production HMI discovered by TrendLabs:

[Image: exposed oil and gas production HMI]

Industrial water heating HMI researchers found:

[Image: exposed industrial water heating HMI]

Biogas plant HMI researchers uncovered:

[Image: exposed biogas plant HMI]

These are just anecdotal examples of a more widespread problem researchers found.

The Industrial Internet of Things has made the energy and water sectors more flexible and allows real-time or near real-time monitoring like never before. However, it clearly has expanded the ICS and SCADA attack surfaces, as well.

Many of these exposed HMIs have critical functionalities like start, stop, reset, alarm, parameter changes, etc., which are easily accessible to anyone. If attackers gain access to these exposed HMIs, then they can inflict serious system damage or cause failures. The operators failed to notice and subsequently disable the unauthenticated VNC servers even after the Shodan crawler made repeated visits.
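One way to check your own HMI hosts for the unauthenticated VNC condition described above, as an added example that is not from the Trend Micro report or this article: it decodes the RFB handshake (RFC 6143) and reports whether the server offers security type 1, "None". The function names and the default port 5900 are assumptions of this example.

```python
import socket

SECURITY_NONE = 1  # RFB security type 1 = "None", i.e. no authentication (RFC 6143)

def parse_version(banner: bytes) -> tuple:
    """Parse the 12-byte ProtocolVersion message, e.g. b"RFB 003.008\\n"."""
    if len(banner) != 12 or banner[:4] != b"RFB " or banner[7:8] != b"." or banner[11:] != b"\n":
        raise ValueError("not an RFB ProtocolVersion message")
    return int(banner[4:7]), int(banner[8:11])

def offered_security_types(negotiated: tuple, payload: bytes) -> list:
    """Decode the server's security message for the negotiated protocol version."""
    if negotiated < (3, 7):
        # RFB 3.3: the server dictates a single type as a big-endian U32.
        if len(payload) < 4:
            raise ValueError("truncated security message")
        chosen = int.from_bytes(payload[:4], "big")
        return [chosen] if chosen else []  # 0 means the connection was refused
    # RFB 3.7 and later: U8 count, then that many U8 types; count 0 means refused.
    if not payload or len(payload) < 1 + payload[0]:
        raise ValueError("truncated security message")
    return list(payload[1:1 + payload[0]])

def allows_unauthenticated(negotiated: tuple, payload: bytes) -> bool:
    return SECURITY_NONE in offered_security_types(negotiated, payload)

def _recv_exact(sock, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed during handshake")
        buf += chunk
    return buf

def audit_host(host: str, port: int = 5900, timeout: float = 5.0) -> bool:
    """Handshake with a VNC server you operate; True if it offers type None."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        server = parse_version(_recv_exact(sock, 12))
        negotiated = (3, 8) if server >= (3, 8) else (3, 7) if server >= (3, 7) else (3, 3)
        sock.sendall(b"RFB %03d.%03d\n" % negotiated)
        if negotiated < (3, 7):
            payload = _recv_exact(sock, 4)
        else:
            count = _recv_exact(sock, 1)
            payload = count + _recv_exact(sock, count[0])
    return allows_unauthenticated(negotiated, payload)
```

A `True` result means the server offers a session with no credential check, so the fix is to require authentication on it and take it off any publicly reachable address.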

Is this happening at your organization?

If you are in the energy or water sector or rely on IoT devices, read the report for yourself: Exposed and Vulnerable Critical Infrastructure in the Water and Energy Industries.
