Rise of the Machines 2021

Issue link:

Contents of this Issue


Page 1 of 14

Rise of the Machines Many of us watched the 2011 Steven Soderbergh movie Contagion. The movie was uncanny in "predicting" scenarios like enforced social distancing (10 feet in the movie instead of 6 feet), grocery store panic runs, school closings, homeopathic miracle cures, and even vaccine development efforts. The only scenario the movie didn't predict was the increase in cyberattacks in the midst of a pandemic, perhaps a premise unfathomable even for Hollywood. But it was the unfortunate reality faced by many organizations last year. Healthcare organizations had to deal with the security of devices that were rapidly procured and deployed not only in their organization but in field hospitals, to address the surge in COVID-19 patients. Other organizations scrambled to deal with new work-from-home requirements. During the chaos and confusion, threat actors launched cyberattacks. We saw an increase in ransomware, where attackers not only encrypted traffic to halt operations but also transitioned to a new business model of releasing sensitive data if the ransomware wasn't paid. If that wasn't enough to deal with, towards the end of 2020, we learned that threat actors had added malicious code to SolarWinds Orion software, used by more than 33,000 customers to manage IT resources. Beginning in as early as March of 2020, SolarWinds sent software updates to its customer that included the malicious code, creating a backdoor to 18,000 customer networks. This year's Rise of the Machines Report shines a spotlight on these cyberattacks, and the growth of agentless devices in the network . Using anonymized data from Ordr's deploy- ments across more than 400 deployments and 12 million devices, we analyzed the security risks and trends with connected devices for the past 12 months, from June 2020 through June 2021. THE RESULTS ILLUMINATED SOME INTERESTING FINDINGS: 42% of connected devices are agentless devices, suggesting that almost half of your devices cannot be protected via traditional endpoint security agents. The top agentless devices included industry-based devices, IP phones, printers, and facilities devices like video surveillance cameras and badge readers. Internet of stranger things discovered in Ordr deployments included Teslas, Alexas, Pelotons, Sonos speaker devices and gaming devices. Outdated operating systems present the greatest risks. Almost 19% of deployments are still running outdated operating systems such as Windows 7 and older. 46% of all IoT devices are vulnerable to medium and high severity attacks. Healthcare organizations are seeing significant risks. 68% of healthcare deployments have more than 10 FDA recalls, 32% of medical imaging devices run on unsupported operating systems and 15% of medical devices run on unsupported operating systems. In Ordr deployments, we found that 55% of deployments had devices with "orphaned users", and 20% of deployments had devices with local users. 2 RISE OF THE MACHINES 2021: STATE OF CONNECTED DEVICES — IT, IoT, IoMT AND OT

Articles in this issue

view archives of Reports - Rise of the Machines 2021