In 2024, attackers are crossing siloes to find entry points across the full spectrum of devices, operating systems and embedded firmware. Today, network equipment has become the riskiest IT device category surpassing endpoints. Threat actors are finding new vulnerabilities in routers and wireless access points — and are exploiting them quickly in massive campaigns. Similarly, IoT devices with vulnerabilities expanded a whopping 136% from a year ago.
And there is an emerging risky-device area to watch: Industrial robots. Special-purpose operating systems are also concerning: Our data shows more than 2,500 unique versions to manage.
Conversely, there is some positive news to report: The healthcare industry’s investment in device security is helping to reduce risk from a year ago. In other positive vertical news, nearly every industry reduced its Telnet exposure and increased the use of SSH. However, healthcare is undoubtedly feeling the pain from major ransomware attacks in 2024, especially in the US. At the same time, the Internet of Medical Things (IoMT) has traded risk places with operational technology and moved up the risky-device scale.
Since 2021, we’ve recognized a persistent number of the usual risky-device suspects. For example, programmable logic controllers (PLCs) and VoIP equipment are always on shaky ground. They consistently make our risk list because this equipment is either inherently insecure or security protocols and configurations are ignored. It is incumbent on security leaders and teams to manage across these fragmented asset environments intelligently and with more control – even when activity is anomalous.