This is the presentation to watch if you want to learn about Shodan finding ICS components on the Internet. It spawned a few articles including Wired’s 10K Reasons To Worry About Critical Infrastructure.
Eireann Leverett’s presentation is based on his dissertation for a Masters in Advanced Computer Science under Dr. Ross Anderson at Cambridge University. The hard statistics and visualization of the ICS components connected to the Internet begin at the 18 minute mark. Here are a small number of the interesting stats:
- $2.18 cost per Internet node discovered
- Scanned for 33 different banners (products)
- Found 10,358 ICS devices around the world
- Visualization tool shows what is found where on a map
The main unanswered question are what is the criticality of these Internet exposed ICS nodes? Of course they may be critical to the organization that is exposing them to this threat, but are they “critical infrastructure”. My best guess is that a very small percentage, less than 1%, are critical infrastructure.