Censys State of the Internet 2024 Overview

Keypoints

• Major cybersecurity vendors typically structure their annual reports into sections such as an introduction, threat landscape overview, detailed analysis of vulnerabilities (like ICS protocol and HMI exposure), regional and industry-specific trends, conclusions, and recommendations for security best practices.
• Key statistics reveal over 145,000 exposed ICS services worldwide, with approximately 38% in North America, 35% in Europe, and 22% in Asia, emphasizing the U.S.’s dominant share of global exposure.
• Notable trends include a significant rise in attacks leveraging internet-connected HMIs, with recent incidents involving defacement and control manipulation by groups linked to Iran and Russia, often exploiting systems with little to no authentication.
• Significant findings highlight the predominance of protocols such as Modbus, IEC 60870-5-104, and OPC UA, especially in European and North American regions, along with regional differences in protocol usage and network provider involvement, like Verizon and Deutsche Telekom.
• Recurring themes emphasize the critical security gaps in remote access systems, the risks posed by exposure of industrial protocols on widely used networks, and the importance of securing HMIs to prevent potentially disruptive attacks on critical infrastructure such as water and wastewater facilities.
• The reports stress the need for comprehensive asset inventories, adoption of robust access controls like VPNs and authentication, and increased cooperation from telcos and industry stakeholders to mitigate exposure risks.