Saved February 14, 2026
Do you care about this?
A recent incident involving a Raspberry Pi plugged into a ferry's network underscores vulnerabilities in physical security across enterprises. Analysts warn that many organizations are ill-prepared for such attacks, which exploit overlooked access points. Experts recommend stricter controls and monitoring to prevent unauthorized device connections.
If you do, here's more
A recent incident involving a Raspberry Pi plugged into a ferry's network underscores a significant risk for enterprises: physical security vulnerabilities. Analysts warn that half of all companies could face similar threats. The attack attempt, which immobilized the ferry in a French port, was thwarted due to effective onboard security measures, such as segregating operational networks and restricting remote access to critical systems. However, this incident revealed how easily a rogue device can bypass traditional security measures.
Experts like Sanchit Vir Gogia from Greyhound Research highlight that many enterprise security programs are designed to combat external threats, neglecting the dangers posed by internal devices. The Raspberry Pi, combined with a cellular modem, can create a new entry point from within a building, avoiding firewalls and monitored gateways. Fred Chagnon of Info-Tech Research Group emphasizes the need for stricter controls on Ethernet ports, advocating for administrative disabling of unused ports and advanced monitoring tools that can distinguish between legitimate devices and potential threats.
CISO Flavio Villanustre points out the challenges of detecting such intrusions, especially in large networks where a Raspberry Pi might mimic a standard IoT device. He advises caution when dealing with discovered rogue devices, as disconnecting them could erase valuable forensic evidence. Experts recommend immediate isolation and forensic analysis before removal, emphasizing the importance of capturing network traffic to understand the device's communications and potential threat level. Kaveh Ranjbar from Whisper Security stresses the need for continuous external monitoring to detect suspicious activities, as any device communicating with known malicious networks should trigger immediate investigation.
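The port-control and monitoring advice above can be sketched as an audit of a switch MAC address table against a port inventory. This is an added example, not code from the article or the experts quoted; the inventory, port names, table format and sample lines are all constructed assumptions. Because a MAC address can be spoofed to mimic an ordinary IoT device, the per-port baseline is the primary check and the Raspberry Pi OUI match is only a secondary hint.

```python
import re

# Constructed inventory (assumption): allowed MACs per switch port.
INVENTORY = {
    "Gi1/0/1": {"00:1b:21:aa:10:01"},  # known workstation
    "Gi1/0/2": {"00:1b:21:aa:10:02"},  # known printer
    "Gi1/0/7": set(),                  # documented as unused
}
# OUIs registered to Raspberry Pi; a hint only, since MACs can be spoofed.
RPI_OUIS = {"b8:27:eb", "dc:a6:32", "e4:5f:01"}

# Constructed MAC-table snapshot in "vlan mac type port" form.
SAMPLE_TABLE = """\
  10  001b.21aa.1001  DYNAMIC  Gi1/0/1
  10  001b.21aa.1002  DYNAMIC  Gi1/0/2
  10  b827.eb3c.9f10  DYNAMIC  Gi1/0/7
  20  001b.21aa.10ff  DYNAMIC  Gi1/0/2
  20  dca6.3211.0042  DYNAMIC  Gi1/0/9
"""
LINE = re.compile(r"^\s*\d+\s+((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+\S+\s+(\S+)\s*$", re.I)

def normalize(mac):
    """Convert dotted 'b827.eb3c.9f10' into 'b8:27:eb:3c:9f:10'."""
    h = mac.replace(".", "").lower()
    return ":".join(h[i:i + 2] for i in range(0, 12, 2))

def audit(table, inventory=INVENTORY):
    """Return (port, mac, reasons) for every entry that breaks the baseline."""
    findings = []
    for line in table.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip headers and malformed lines
        mac, port = normalize(m.group(1)), m.group(2)
        reasons = []
        if port not in inventory:
            reasons.append("port not in inventory")
        elif not inventory[port]:
            reasons.append("device on port documented as unused")
        elif mac not in inventory[port]:
            reasons.append("unknown MAC on known port")
        if mac[:8] in RPI_OUIS:
            reasons.append("Raspberry Pi OUI")
        if reasons:
            findings.append((port, mac, reasons))
    return findings

if __name__ == "__main__":
    for port, mac, reasons in audit(SAMPLE_TABLE):
        print(f"{port} {mac}: {', '.join(reasons)}")
```

The fourth sample line carries an ordinary-looking vendor prefix and is still flagged, which is the case where an OUI check alone would miss the device.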