A recent study conducted by Forescout Research–Vedere Labs revealed alarming trends in the cyber threat landscape affecting organizations worldwide. With a focus on IT, Internet of Things (IoT), and operational technology (OT), the study examined nearly 19 million devices to identify the categories posing the greatest risks to organizations. Factors taken into account included misconfigurations, vulnerabilities, exposure to the Internet, and potential impact on organizations in the event of a compromise.
The study found that while IT devices still account for a majority of vulnerabilities at 58%, this percentage has decreased from 78% in 2023. On the other hand, IoT vulnerabilities have seen a drastic increase of 136%, with the percentage of known bugs rising from 14% to 33% in the past year. This highlights the growing risk posed by IoT devices and the need for heightened cybersecurity measures in this area.
Among the most vulnerable device types identified in the study are wireless access points, routers, printers, VoIP devices, and IP cameras. Additionally, unmanaged gear such as VoIP devices, networking infrastructure, and printers were noted as being highly exposed to cyber threats. The study also highlighted the top three riskiest verticals as technology, education, and manufacturing, with healthcare showing a decline in risky devices for 2024 but still facing challenges in securing Internet of Medical Things (IoMT) devices.
The report emphasized the importance of taking a holistic view when assessing cybersecurity risks, noting that attackers can leverage devices from different categories to carry out sophisticated attacks. Forescout highlighted the need for solutions that can effectively prioritize and reduce risks across the entire organization, regardless of device category.
Further analysis of specific device categories revealed insights into the risk landscape within IT, IoT, and OT domains. IT devices, including routers, wireless access points, servers, and computers, were identified as common targets for cyberattackers, with network infrastructure devices increasingly vulnerable due to a rise in exploitable vulnerabilities.
In the IoT realm, network video recorders (NVRs) emerged as a new entry on the list of risky devices, joining familiar targets like NAS devices, VoIP devices, IP cameras, and printers. NAS devices, in particular, have become lucrative targets for ransomware attacks due to the valuable data they store, while IP cameras are frequently exposed online without adequate security measures.
In the operational technology sector, devices such as uninterruptible power sources (UPS), distributed control systems (DCS), PLCs, robotics, and building management systems were identified as the riskiest. These devices face a range of vulnerabilities, from default credentials in UPS devices to insecure PLCs and DCSes that allow unauthorized access.
Within the Internet of Medical Things (IoMT), the study highlighted new entries in the riskiest device category, including medical information systems, electrocardiograph machines, DICOM workstations, PACS, and medication-dispensing systems. These devices pose significant risks to patient safety and personal health information, with vulnerabilities ranging from unencrypted medical images to disruptions in patient care due to compromised infusion pumps.
Overall, the study underscores the need for organizations to adopt comprehensive cybersecurity strategies that address risks across all device categories. By prioritizing security measures and awareness of potential vulnerabilities, organizations can better protect themselves against evolving cyber threats in an increasingly interconnected digital environment.