Energy Sector Faces Growing Cyber Threats From Hidden Internet Exposures

New findings from cybersecurity firm SixMap reveal hidden internet exposures across the US energy sector, exposing critical vulnerabilities to potential cyberattacks.

Industrial Cyber News Editor Anna Ribeiro reports that an assessment of 21 major energy organizations revealed nearly 60,000 internet-facing services, including thousands operating on non-standard ports and thousands more with known security vulnerabilities. Some are already being exploited.

This assessment highlights an urgent need for enhanced visibility and broader scanning capabilities beyond the narrow set of ports typically monitored by standard cybersecurity tools.

Every participating organization had publicly exposed IPv6 assets, often without the knowledge of their own security teams. Traditional exposure management products typically overlook IPv6 networks, leaving those systems unmonitored and unprotected.

The report found that, on average, 9% of each organization’s internet-facing assets operated on IPv6, with some entities exceeding 30%. Additionally, about 7% of all exposed services ran on ports outside the top 5,000, an area rarely inspected by legacy tools.

The report identified 5,756 known vulnerabilities, including 377 confirmed as actively exploited, with 405 found on non-standard ports. This indicates that significant systemic risk exists across the industry.

For lawyers monitoring cybersecurity compliance and governance issues, the findings suggest substantial regulatory and liability implications. Blind spots in external exposure management invite scrutiny under evolving national security and infrastructure protection frameworks.

Energy entities should consider enhanced audit protocols. They should adopt tools capable of discovering IPv6 and non-standard port exposures, and prioritize remediation of known exploited vulnerabilities.

Strengthening accountability between security teams, vendors, and regulators will be crucial as the sector confronts escalating cyber threats that increasingly target critical systems.