Hundreds of Internet-Facing VNC Servers Expose ICS/OT
Summary
Forescout researchers have discovered tens of thousands of internet-facing RDP and VNC servers, with hundreds specifically linked to Industrial Control Systems (ICS) and Operational Technology (OT) environments. This exposure poses significant risks to critical infrastructure.
IFF Assessment
FOE
The exposure of critical ICS/OT infrastructure via internet-facing VNC servers represents a significant risk to operational continuity and security.
Defender Context
This finding highlights a critical oversight in securing OT environments, which are increasingly targeted by threat actors. Defenders must prioritize inventory and secure access to all exposed RDP and VNC services, particularly those controlling ICS/OT systems, to prevent unauthorized access and potential disruption.