The security experts at Ordr have released their 2021 Rise of the Machines report, which delves into the security issues experienced by connected devices. Ordr is a leader in connected device security, so their report, titled “Rise of the Machines 2021: State of Connected Devices – IT, IoT, IoMT and OT” is viewed as an authoritative source on the subject.
Their research covers one year of data—June 2020 through June 2021—in more than 500 locations in the healthcare, retail, manufacturing, and science industries
The pandemic has introduced new cybersecurity challenges.
Since the pandemic began, interconnected device use has rapidly grown as people try to stay connected in a world that requires social distancing and remote work. A parallel rise in cybersecurity threats and ransomware attacks is happening. These attacks are exposing how vulnerable these devices are to security breaches.
Critical medical and manufacturing devices are of particular concern, but vulnerabilities extend to security cameras, network devices, phones, and other supportive devices as well. Many of these cannot be patched to include security updates or to run a security agent that scans for threats on a regular basis. The report by Ordr found that 42 percent of connected devices they examined were not using security agents or were unable to support that kind of software.
Personal devices have invaded enterprise networks and opened further vulnerabilities.
Employees may not think twice about connecting a personal phone, speaker, or gaming device to their business’s network. But each new connection adds another endpoint for threat actors to gain access to the sensitive information contained within that network. Additionally, the personal data gathered from these devices provides cyber criminals with plenty of information they could use to find targets and build successful phishing campaigns.
Notably, Ordr found twice the number of personal devices connected to enterprise networks than they reported in last year’s Rise of the Machines report.
Outdated software and operating systems pose the highest risk.
Nearly one in five devices run an outdated operating system. Another 34 percent run an operating system that will be discontinued shortly, with no further security updates after support ends. Most disturbingly, Ordr found that 15 percent of medical devices and 32 percent of medical imaging devices run an outdated operating system. Expensive medical equipment, including many devices found in hospitals, cannot be replaced frequently. These devices are hard to upgrade or patch because operations would be disrupted if there were unexpected glitches in the updates.
Organizations need to address these vulnerabilities as soon as possible.
The CEO of Ordr, Greg Murphy, warns, “As the number of connected devices climbs, the number and sophistication of attacks targeting them will grow.” With 46 percent of connected devices at risk for an attack of medium to high severity, it’s crucial for organizations to stay on top of potential threats.