As you may have heard, 8,000 internet-accessible VNC instances were exposed due to disabled authentication. Security researchers found that these instances were managed by critical infrastructure organizations such as water treatment plants, manufacturing plants, and research facilities. With authentication disabled, malicious actors could potentially hijack these endpoints and the industrial control systems they’re often connected to.
While VNC has been handy during COVID by allowing users to remotely control IT/IOT infrastructure assets, the lack of safety measures and security checks resulting in this vulnerability makes it fairly easy for intruders to penetrate the victim’s network and create havoc.
