via SC Magazine
Forescout’s list of riskiest connected devices for 2023 includes seven fresh entries that security teams should keep in mind as they look to secure their assets.
The latest version of the cybersecurity vendor’s annual list, released July 13, adds a number of new devices, including VPN gateways, security appliances, network attached storage (NAS) and out-of-band management for Internet of Things devices. Rounding out the new devices this year are engineering workstations and remote terminal units (RTUs) in operational tech, and blood glucose monitors for Internet of Medical Things.
The findings are culled directly from data being sent by millions of connected devices to Forescout’s device cloud between Jan. 1 and April 30, according to Daniel Dos Santos, head of security research at the firm and author of this year’s list.
While there is a certain of level of consistency to the findings — 13 of the 20 devices on this year’s list are holdovers from previous years — it can also pick up on emerging trends from attackers, such as the 2022 version that accurately predicted the widespread targeting of hypervisors by ransomware actors.
“Throughout the years, we have noticed that although many device types are consistently in these lists – such as IP cameras, VoIP equipment and programmable logic controllers (PLCs) – due either to their inherent criticality or to the persistent lack of attention from security teams, there are other devices whose current risk level reflect developments in the threat landscape,” Dos Santos wrote.
Forescout broke down devices into four categories: IT, IoT, OT and IoMT. Computers topped the IT category, while NAS led OT devices, uninterruptible power supply (UPS) was the riskiest OT device, and healthcare workstation was the IoMT’s riskiest.
The riskiest IT devices continue to be roughly divided into two main groups: endpoints such as computers and servers are risky for being the entry points, while network infrastructure devices like routers, VPN gateways and security appliances are often exposed online.
IP cameras, printers and VoIP continue to be the most persistent IoT devices at risk since they are commonly exposed on the internet. Programmable logic controllers (PLCs), UPSs and building automation controllers were the riskiest OT devices, while healthcare workstations topped IoMT devices again.
Forescout looked at over 4,000 vulnerabilities, with over three-quarters of them (78%) affecting IT devices. IoT made up 14% of devices affected by vulnerabilities and 6% were OT.
Even though 2% of the vulnerabilities hit IoMT devices, 80% of those are rated as critical and could lead to complete device takeover. Bugs affecting IT devices, on the other hand, were more likely to be high severity, while OT and IoT devices were similarly affected by vulnerabilities rated as critical.
Healthcare was the riskiest industry in 2023, as nearly 10% of health devices had open ports. Retail and manufacturing followed healthcare as the riskiest industries.