In a report released Wednesday, Forescout’s research team, Vedere Labs, have updated their findings on the riskiest devices in enterprise networks in 2022. By analyzing the millions of IoT devices in Forescout’s Device Cloud, they identified recurring attack vectors and how threat actors are taking advantage of the increased proliferation of devices throughout every enterprise.
Key findings of this report include:
- In addition to device types observed as the riskiest in 2020, such as networking equipment, VoIP, IP cameras and PLCs, new entries, such as medical use of hypervisors and human machine interfaces (HMIs) have broadened the attack surface
- Government and financial have the highest risk at 43% for government and 37% for financial
- The ranking of riskiest devices does not change considerably per industry
- The riskiest IT and OT devices remain nearly constant across different regions, while the riskiest IoT devices change slightly, and the riskiest IoMT (healthcare) devices change considerably
- Implementing automated controls that do not rely only on security agents and that apply to the whole enterprise can help reduce risk across an organization
“It is not enough to focus defenses on risky devices in one category since attackers can leverage devices of different categories to carry out attacks. We have demonstrated this with R4IoT, an attack that starts with an IP camera (IoT), moves to a workstation (IT) and disables PLCs (OT)” the report stated.
