Cybersecurity solutions firm Forescout Technologies has come out with a list of the five ‘riskiest devices’ in four device categories of information technology, Internet of Things, Operational Technologies and Internet of Medical Things (IoMT).

“The attack surface now encompasses IT, IoT and OT in almost every organisation, with the addition of IoMT in healthcare. The researchers demonstrated this with R4IoT (Ransomware for IoT), an attack that starts with an IP camera (IoT), moves to a workstation (IT) and disables PLCs (programmable logic controllers,” Forescout has said on Thursday.

Vulnerable devices in the IT domain included routers, computers, servers, wireless access points and hypervisors. In IoT, devices like IP cameras, VoIP (Voice Over Internet Protocol), video conferencing, ATMs and printers (the things that are connected to the Internet.

In Operational Technologies, devices such as PLCs, uninterruptible power supply (UPS), environmental monitoring and building automation controllers are exposed to cyber attacks.

Vedere Labs, the cybersecurity research arm of Forescout, analysed device data between January 1 and April 30, 2022, in Forescout’s Device Cloud, a repository of connected enterprise device data.

“The two recurring themes in the recent research of Vedere Labs have been the growing attack surface due to more devices being connected to enterprise networks and how threat actors leverage these devices to achieve their goals,” it said.

“After understanding the attack surface, it is important to mitigate risk with automated controls that do not rely only on security agents and that apply to the whole enterprise, instead of silos like the IT network, the OT network or specific types of IoT devices,” it pointed out.