Critical Infrastructure at Risk as Internet-Connected Industrial Systems Surge 12%

BitSight study shows a 12% rise in ICS/OT exposure, risking critical systems with outdated security and rising vulnerabilities.

By Content Team

Sep 28, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

BitSight's latest research reveals a troubling reversal in cybersecurity progress: internet exposure of industrial control systems (ICS) and operational technology (OT) jumped 12% in 2024, reaching over 180,000 visible devices monthly. The firm expects this number to approach 200,000 in 2025.

These aren't just forgotten legacy systems. New ICS/OT devices are going online with outdated protocols, minimal authentication, and poor network segmentation. The problem spans all studied protocols, from Modbus to BACnet, affecting energy grids, water treatment facilities, and building automation systems.

Making matters worse, vulnerabilities in these devices continue climbing. Many carry critical security flaws with CVSS scores of 10.0 and trivial exploit paths. The U.S. leads global exposure, particularly in manufacturing and utilities.

Attribution remains a major challenge—most devices trace only to ISPs, making it nearly impossible to notify operators of vulnerabilities.

Source: Industrial Cyber

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Federal Agencies Ordered to Patch F5 Systems After Nation-State Breach

Oct 16, 2025

Hackers Breach Public Safety Equipment Maker BK Technologies

Oct 7, 2025

GCHQ Chief Warns Companies: Cyber Attacks Will Get Through

Oct 24, 2025

Chinese Hackers Deploy 'Airstalk' Malware in Supply Chain Attacks Targeting Business Outsourcing Firms

Nov 3, 2025