The report shows that the widespread Internet of Things and smart devices pose a threat to cybersecurity

New data from cybersecurity firm Forescout shows that popular IoT devices found in smart homes, such as IP cameras and NVRs, contain some of the riskiest vulnerabilities.

As with most security research reports from companies like Forescout, the target audience is the enterprise sector, but high-end smart home installers should look to the cybersecurity community for guidance when deploying complex networks full of IoT devices.

According to Forescout, IT devices such as routers, wireless access points and endpoints are the riskiest devices, accounting for 58% of vulnerabilities in 2023. Network devices are often exposed on the Internet and have insecure open ports, while endpoints, such as servers, computers and hypervisors, are high risk as entry points due to unpatched systems and applications.

Because routers and wireless access points are among the most sensitive types of devices, integrators should employ security tools and network segmentation when configuring the home networks that power their customers’ high-end smart homes.

Forescout also points out that the number of IoT devices with security vulnerabilities has increased by 136% since 2023, which should be of concern to any organizations or third-party service providers installing IoT devices.

In particular, network-attached storage (NAS), voice-over-IP systems, IP cameras and printers are the “most suspects,” Forescout says. However, for the first time, network video recorders also appear on the list. The company also briefly mentions smart TVs, which have long been known to lack security-enhancing features.

According to Forescout, NVRs, like IP cameras, are network-connected devices commonly found on the Internet that have significant security vulnerabilities that cybercriminal botnets and advanced hacking groups exploit.

Additionally, Forescout says hackers are using building automation systems to disable controllers, recruit vulnerable physical access control devices for botnets, or exploit management workstations to gain initial access.

“These devices dangerously combine the inherently insecure nature of OT with IoT internet connectivity and can often be found on the Internet even in critical locations,” Forescout says in its report.

The company recommends updating, replacing or isolating older devices or those with known vulnerabilities, implementing automatic device compliance verification and enforcement to ensure non-compliant devices cannot connect to the network, and improving network security through segmentation.