PCs, IP cameras, routers, video conferencing systems are putting companies at risk, report

PCs, routers, printers, IP cameras, hypervisors and video conferencing devices are among the most targeted Information Technology (IT) and Internet of Things (IOT) devices in the world, according to a new study by Vedere Labs and Forescout, a cybersecurity firm.

Vedere Labs attributed the high-risk factor to the fact that IP cameras, VoIP and video conferencing devices are commonly exposed to the internet and have a history of being targeted by cybercriminals. 

In the operational technology (OT) and internet of medical things (IoMT) categories, programmable logic controller (PLC), human machine interface (HMI), DISCOM workstation, imaging, patient monitor were the most attacked devices. 

Vedere Labs analysed data generated from close to 19 million IT, IoT, OT, and IoMT devices on Forescout’s Device Cloud between January and April 2022 and found that manufacturing sector has the most high-risk devices (11%), while government  (43%) and financial sector (37%) have the highest number of medium and high-risk devices. 

Forescout’s Device Cloud is one of the largest repositories of connected enterprise device data.

According to the report, most corporate networks host several interconnected IT, OT and IoT devices, which increases the risk of a cyberattack if any of the devices are compromised. Vedere Labs found that vulnerabilities exist across all device categories. They noted that risk level of a device is based on the level of exposure to Internet (in case of IT and IoT) or how critical they are to operations (OT and IoMT). 

To be sure, according to a November 2021 report by Ponemon Institute, 65% of organizations said that IoT/OT devices are the least secured devices on their networks, while 50% reported an increase in cyberattacks on these devices. 

The report further shows that the list of riskiest IT and OT devices is constant across different regions, however, there was a slight change in the list of riskiest IoT devices and considerable change in the list of riskiest IoMT devices. 

For instance, in Asia Pacific and Japan, electrocardiographs and CY scanners were the riskiest IoMT devices while in Europe and Americas, DISCOM workstation were found to be the riskiest. 

OT device are at a high risk as they are increasingly being targeted by state sponsored attacks, the report claims. 

PLC and HMI are among the riskiest OT devices as they are known to be insecure by design. Similarly,  medical devices are at risk as the increase in ransomware attacks have spilled over to them.