In August 2022, the threat intelligence and cybersecurity company Cyble found 8,000 virtual network computing (VNC) instances exposed online. Additionally, this research revealed that most of these ports are in the United States, China and Sweden — putting many critical infrastructure companies at risk of attack.
In an age where cybersecurity threats are omnipresent, it’s vital to maintain good security practices around remote computing access — especially concerning the nation’s most critical sectors. It’s crucial to examine why VNCs are vulnerable and what enterprise security teams can do to further protect these gateways to critical infrastructure.
What is VNC, and Why Does it Matter in Critical Infrastructure?
VNC is a graphical desktop-sharing system that uses the Remote Frame Buffer (RFB) protocol, enabling remote control of other computers and machinery via a network connection. This technology is integral to critical infrastructure sites, such as water treatment plants, manufacturers and research facilities.
According to the Cybersecurity and Infrastructure Security Agency (CISA), there are 16 critical infrastructure sectors in the U.S:
Chemical Sector
Commercial Facilities Sector
Communications Sector
Critical Manufacturing Sector
Dams Sector
Defense Industrial Base Sector
Emergency Services Sector
Energy Sector
Financial Services Sector
Food and Agriculture Sector
Government Facilities Sector
Healthcare and Public Health Sector
Information Technology Sector
Nuclear Reactors, Materials and Waste Sector
Transportation Systems Sector
Water and Wastewater Systems Sector.
The National Institute of Standards and Technology (NIST) defines critical infrastructure as “systems and assets, whether physical or virtual, so vital to the U.S. that the incapacity o ..
Support the originator by clicking the read the rest link below.
