Cyble researchers found over 9,000 VNC servers exposed online without any password, putting thousands of other systems that rely on them at risk.
VNCs act as remote controllers for many industrial control systems, which are critical to the public. Researchers therefore warn that the consequences of these exposed servers can be severe if they are linked to critical systems underneath. They also shared tips to secure them.
Globally Exposed VNC Instances
Virtual Network Computing (VNC) is a platform-independent system that lets system admins control other computers remotely over a network connection, using the remote frame buffer (RFB) protocol.
It is seen as one of the effective ways of managing industrial control systems, which play an important role in factories. The consequences of an exposure therefore depend on what systems lie behind the VNC server. And the situation seems to be worsening globally, say Cyble researchers, who spotted over 9,000 VNC servers around the world without passwords.
Most of them are in China and Sweden, followed by the United States, Spain, and Brazil. Anyone who finds them can easily gain access and remotely control the systems behind these exposed VNC servers.
To gauge the scope of such attacks, the researchers ran a scan using their in-house tools and found that over six million requests for exposed VNCs are made in a month. They arrived at this number by tracking hits against port 5900, the default port for VNC connections.
The researchers found some instances to be more critical than others, as they are connected to manufacturing plants. To make matters worse, Cyble's figure of 9,000 exposed VNC servers counts only instances that have no password at all.
Counting instances with weak passwords as well may push the number of vulnerable systems significantly higher. Warning system admins to be vigilant, the researchers advised them to set strong passwords and to hide VNC servers behind VPNs.
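To confirm whether one of your own VNC servers falls into the no-password category, you can inspect the first two messages it sends during the RFB handshake. The following is an added example, not code from Cyble's report: it assumes the message layout of RFC 6143, the function name `classify_rfb_handshake` is hypothetical, and the sample bytes are constructed.

```python
import struct

# Security-type numbers defined by RFC 6143 (the RFB protocol specification).
SEC_NONE, SEC_VNC_AUTH = 1, 2

def classify_rfb_handshake(version_msg: bytes, security_msg: bytes) -> dict:
    """Classify the first two server messages of a captured RFB handshake."""
    if (len(version_msg) != 12 or not version_msg.startswith(b"RFB ")
            or not version_msg.endswith(b"\n")):
        raise ValueError("not an RFB ProtocolVersion message")
    major = int(version_msg[4:7].decode("ascii"))
    minor = int(version_msg[8:11].decode("ascii"))

    if (major, minor) < (3, 7):
        # RFB 3.3: the server dictates a single type as a big-endian uint32.
        if len(security_msg) < 4:
            raise ValueError("truncated security-type word")
        (chosen,) = struct.unpack(">I", security_msg[:4])
        types = [chosen] if chosen else []   # 0 means the server refused
    else:
        # RFB 3.7 and later: a count byte, then that many one-byte types.
        if not security_msg:
            raise ValueError("missing security-type list")
        count = security_msg[0]
        types = list(security_msg[1:1 + count])
        if len(types) != count:
            raise ValueError("truncated security-type list")

    if not types:
        finding = "connection refused by server"
    elif SEC_NONE in types:
        finding = "no password required"      # a client may pick type 1
    elif types == [SEC_VNC_AUTH]:
        finding = "VNC password authentication"
    else:
        finding = "other security types offered"
    return {"version": f"{major}.{minor}", "security_types": types,
            "unauthenticated": SEC_NONE in types, "finding": finding}

# Constructed sample captures (not taken from any real server).
SAMPLES = {
    "open-3.8": (b"RFB 003.008\n", b"\x01\x01"),
    "password-3.8": (b"RFB 003.008\n", b"\x01\x02"),
    "mixed-3.8": (b"RFB 003.008\n", b"\x02\x02\x01"),
    "open-3.3": (b"RFB 003.003\n", b"\x00\x00\x00\x01"),
}

if __name__ == "__main__":
    for name, (ver, sec) in SAMPLES.items():
        print(name, classify_rfb_handshake(ver, sec))
```

A server that lists type 1 alongside a password type still counts as unauthenticated, because the client chooses which offered type to use.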