UPDATED 09:00 EDT / JUNE 10 2024

SECURITY

Forescout report finds network infrastructure attacks have overtaken endpoint security risks

A new report released today by Forescout Research’s Vedere Labs warns that network equipment has become the riskiest information technology device category, surpassing endpoints as attackers are crossing silos to find entry points across the full spectrum of devices, operating systems and embedded firmware.

The finding was the top result in the Riskiest Connected Devices in 2024 report, based on the analysis of nearly 19 million devices. The data gathered was used to analyze and identify the riskiest connected devices across categories, including IT, the internet of things, operation technology and the internet of medical things.

IT devices were found to account for 58% of vulnerabilities so far this year, down from 78% in 2023. Over the same period, IoT vulnerabilities increased to 33% from 14%. Wireless access points, routers, printers, voice-over-internet-protocol equipment and IP cameras were found to be the most vulnerable device types, with unmanaged devices such as VoIP equipment, networking equipment and printers noted as highly exposed.

Network infrastructure devices, including routers and wireless access points, overtook endpoints — including servers and computers — as the riskiest exposure point, a swap from the situation in 2023. The report notes that the switch is the result of a rapid increase in the number of vulnerabilities targeting and successfully exploring network infrastructure devices since the second half of 2023.

By industry, technology, education and manufacturing were found to have the riskiest devices. Conversely, healthcare was found to have experienced a significant reduction in risk, largely due to reduced use of remote desktop protocols and legacy Windows versions.

The report also highlights sectors using old versions of Windows, with the technology sector leading, followed by education, retail and healthcare.

In terms of what attackers are also targeting, commonly exposed ports were found to remain popular attack vectors, including Server Message Block Protocol, RDP, Secure Shell and Telnet. Healthcare, technology and manufacturing were found to have reduced Telnet exposure but increased SSH usage.

When it comes to exposed devices, computers, mobile devices and servers were found to account for the majority of exposed devices. VoIP equipment, networking equipment and printers were the most exposed unmanaged devices.

“The attack surface now encompasses IT, IoT and OT in almost every organization — with IoMT in healthcare,” the report concludes. “It is not enough to focus defenses on risky devices in a single category since attackers can leverage devices of different categories to carry out attacks.”

To defend this expanded attack surface, the report adds, “organizations need new security approaches to identify and reduce risk. Modern risk and exposure management must encompass devices in every category to identify, prioritize and reduce risk across the whole organization.”

Image: Forescout

A message from John Furrier, co-founder of SiliconANGLE:

Support our open free content by sharing and engaging with our content and community.

Join theCUBE Alumni Trust Network

Where Technology Leaders Connect, Share Intelligence & Create Opportunities

11.4k+  
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+ 
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.

SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.