The researchers discovered 8,000 unprotected instances of virtual network computing, which exposed a large number of global organizations to the risk of external compromise. In fact, the bodies were managed by the critical Infrastructure organizations (CNI), which were responsible for water treatment plants, factories, and research facilities. With authentication disabled, attackers have the option to hijack certain endpoints and thus the industrial control systems to which they can connect. This is because Dec is a cross-platform screen-sharing system that allows users to remotely control another computer. Etay Maor, senior director of security strategy at Cato Networks, says: “VNCs are essentially devices, and every device needs careful maintenance, updates, and fixes. This is the same problem that he has faced for a long time. By migrating to Sase’s cloud service, organizations with critical infrastructure can maintain infrastructure without compromising service delivery. They can apply virtual patches that protect the internal infrastructure without actually updating that infrastructure.”