TechRadar
Sead Fadilpašić

Nearly half of network connections come from high-risk IoT and IT devices - so make sure you're protected

  • Nearly half of IoT-to-IT connections come from vulnerable or misconfigured high-risk devices
  • Flat networks allow threats to spread easily between IoT and IT systems
  • Protection requires segmentation, Zero Trust, visibility, and endpoint monitoring

Almost half of all network connections (48.2%) from Internet of Things (IoT) devices to internal IT devices originate from high-risk IoT gear, and another 4% come from critical-risk components, experts have warned.

A new paper published by Palo Alto Networks, based on telemetry from 27 million devices, noted that almost half of all such connections involve devices that are either vulnerable to exploitable flaws or misconfigured and thus dangerous.

Aside from unpatched vulnerabilities, these high-risk systems have weak configurations or insecure protocols, which can create a broad, persistent attack surface and open direct paths for threats to spread from compromised IoT endpoints into core business systems.

How to stay safe

A single exploited IoT device could allow lateral movement within a network, leading to data theft, business disruption, or major financial loss.

The number one risk factor here, it was said, is the lack of network segmentation. Most enterprises operate a “flat” network, in which IT and IoT devices coexist without isolation.

That means that once a threat actor enters the network, they can easily move from one device to another, expanding their reach and wreaking more havoc.

There are a number of things both small and medium-sized businesses (SMB) and enterprises can do to protect against these risks.

First, they should enforce strict network segmentation between IoT and IT systems, in order to isolate high-risk or unmanaged devices from critical infrastructure.

Then, they should implement a Zero Trust architecture, applying least-privilege access, continuous device verification, and contextual access controls.

Also, they should make sure they have complete device visibility, including unmanaged and BYOD assets, and apply regular vulnerability and firmware patching.

Finally, businesses should deploy comprehensive endpoint protection (EDR/XDR) across all managed IT assets and develop alternative monitoring for IoT endpoints that can’t run agents.
