
Top 10 riskiest IoT devices for enterprises, according to Forescout

Internet of things (IoT) technologies are becoming more popular as businesses look for unique and successful ways to capture and utilise data.

However, according to Forescout, IoT devices exist in every vertical, can be hard to monitor and control, and can present risk to modern organisations both as entry points into vulnerable networks and as final targets of specialised malware.

Essentially, IoT devices can become attack vectors for hackers to gain access to enterprise networks, and recent Forescout research shows businesses need to be aware of this and put adequate security measures in place.

In Forescout’s The Enterprise of Things Security Report, the company identified the 10 riskiest IoT devices for 2020.

In the study, Forescout Research Labs assessed the risk posture of more than eight million devices deployed across five verticals: financial services, government, healthcare, manufacturing and retail.

The data illustrates which devices in the cyber-physical realm are most likely to be compromised and exploited, helping security teams focus on key areas according to threat.

The devices identified are:

  1. Physical access control solutions
  2. HVAC systems
  3. Network cameras
  4. Programmable logic controllers
  5. Radiotherapy systems
  6. Out-of-band controllers
  7. Radiology workstations
  8. Picture archiving and communication systems
  9. Wireless access points
  10. Network management cards

Within this, the report found that the riskiest device groups include smart buildings, medical devices, networking equipment and Voice over Internet Protocol (VoIP) phones.

The device types posing the highest level of risk are those within physical access control systems. These devices are ubiquitous and literally open the doors to the physical world, bridging the gap between the cyber and physical realms, Forescout states.

According to the data sample, physical access control solutions are the systems at highest risk due to the presence of many critical open ports, a lot of connectivity with risky devices, and the presence of known vulnerabilities.

Other top 10 riskiest device types include medical devices and networking equipment. These devices, especially medical devices, have enormous potential impact if compromised, and frequently have critical open ports that expose dangerous services on the network, the researchers find.

Windows workstations continue to represent a major risk to organisations. More than 30% of managed Windows devices in manufacturing and more than 35% in healthcare are running recently unsupported versions of Windows.

Additionally, almost 30% of managed Windows devices in financial services are running operating systems that are not patched against the BlueKeep vulnerability.

Commonly exploited network services are spread out across industry verticals. Almost 10% of devices in government have default Telnet port 23 open, and almost 12% have default FTP ports 20 or 21 open, the research found.

In financial services, government and healthcare, close to 20% of devices have default SMB port 445 open and close to 12% have default RDP port 3389 open.

These services leave devices open to attacks from automated threats, such as botnets and ransomware, and advanced persistent threats (APTs).

Forescout regional director of Australia and New Zealand Rohan Langdon says, “Organisational leaders are starting to understand the inherent cyber risks that IoT devices pose; however, there are many questions around which devices pose the highest risk.

“Knowing the potential risk is critical in helping organisations identify which devices to proactively take action on or potentially block from the network.

“Cyber risk modelling, such as that made possible by Forescout’s Device Cloud data lake, provides boards and executives with a way to know where the highest risk is as well as benchmark against their peers.”

Langdon says, “The number and diversity of connected devices in virtually every industry vertical has presented new challenges for all organisations and indirectly made every business leader a cybersecurity stakeholder. Part of reducing this risk is applying security controls and tools that can help identify and automate controls.

“This includes: having device visibility across the network; accelerating the design, planning and deployment of dynamic network segmentation; enhancing endpoint manageability; automating and enforcing policy-based control; and highlighting operational technology IoT exposure by continuously and passively discovering, classifying, and monitoring network-connected OT and IoT devices.”
