The Forescout report reveals a concerning surge in IoT vulnerabilities, escalating by 136% within a year. With 33% of IoT devices now vulnerable, including critical infrastructure like wireless access points and IP cameras, the threat landscape is increasingly ominous. Rik Ferguson of Forescout emphasizes that threat actors target enterprise-connected IoT devices, exploiting them for unauthorized access and lateral movement. Alarmingly, Internet of Medical Things (IoMT) devices are also at risk, threatening patient care and medical systems.
Network infrastructure, notably routers and wireless access points, surpasses endpoints in vulnerability. Operational technology faces risks from devices like uninterruptible power supplies and robotics. Despite previously being the most vulnerable sector, healthcare has seen improvements due to increased security investment, particularly against ransomware.
Globally, China leads in device risk, while the UK demonstrates comparatively lower risk. These findings underscore the critical need for organizations to fortify IoT security measures against evolving cyber threats, safeguarding not only their infrastructure but also critical services and public safety.
IoT Vulnerabilities Surge by 136%: Key Findings from Forescout’s 2024 Report
The most vulnerable IoT device types were wireless access points, routers, printers, voice over Internet Protocol (VoIP) and IP cameras.
Around a third (33%) of IoT devices analyzed had vulnerabilities.
Forescout’s VP Security Intelligence Rik Ferguson told Infosecurity that threat actors generally target IoT devices connected to the enterprise stack, such as IP cameras and building management systems, rather than consumer smart products.
These endpoints give attackers ample opportunity to break into an organization’s systems without being seen.
Because they are typically visible to the enterprise security stack, tutorials on how to compromise them and use them for lateral movement, exfiltration, and command and control are frequently shared in underground forums, according to Ferguson.
Internet of Medical Things (IoMT) devices were also highlighted as a significant risk by the researchers, with 5% of these devices found to contain vulnerabilities.
The riskiest devices observed in this category were medical information systems, electrocardiographs, digital imaging and communications in medicine (DICOM) workstations, picture archiving and communication systems (PACS) and medication dispensing systems.
The researchers noted that there are documented instances of ransomware attacks that affect the functionality of dispensing facilities, which can cause persistent treatment delays.
IoMT has also moved above operational technology (OT) among the categories with the riskiest devices, compared to Forescout’s 2023 report.
Network equipment is the most susceptible category of IT equipment
IT devices accounted for most device vulnerabilities (58%) in this year’s report, although this represents a significant fall from 78% in 2023.
Network infrastructure devices, including routers and wireless access points, were the riskiest IT device category, surpassing endpoints.
According to Ferguson, there have been fewer and fewer IT device categories as a result of attackers focusing on frequently uncontrolled resources like mobile access points and routers.
He noted that ransomware was developed specifically for these devices and that hypervisors have been the entry points for significant compromises in the previous year.
Uninterruptible power supplies (UPS), distributed control systems (DCS), programmable logic controllers (PLC), robotics, and building management systems (BMS) were the five most dangerous device types identified in OT environments.
In total, 4% of OT devices were found to contain vulnerabilities.
The researchers found that robot use is rapidly increasing in sectors like mechanical manufacturing and electronics, where factories are becoming more connected.
Some of these robots have outdated software and default credentials, which are the same security issues found in other OT equipment.
Industry Device Risk Scores: Insights from Forescout’s Latest Report
The industries that have the highest average device risk are technology (8.3), education (8.14), manufacturing (7.98) and financial (7.95).
Ironically, healthcare has gone from being the riskiest industry in 2023 to the least risky in Forescout’s latest report, with a score of 7.25.
This is a result of healthcare’s substantial investment in device security in the previous year, according to the researchers.
Ferguson noted that healthcare has learned from being seriously targeted by ransomware attacks in the last year by closing vital entry points for attackers, and in particular by reducing the exposure of Telnet and RDP.
Risk scores are quantified based on configuration, behavior and function, with each device assigned a score between 1 and 10.
The country with the highest average device risk was China (7.32), followed by the Philippines (6.97), Thailand (6.96), Canada (6.51) and the US (6.44).
The UK received the lowest risk score of the nations analyzed, at 6 points.