Summary Points
- Enterprise security is shifting focus from endpoints to network infrastructure, with routers and switches now accounting for a significant portion of critical vulnerabilities, highlighting the expanding attack surface in core network layers.
- A diverse range of connected devices, including medical systems, industrial controllers, and smart building components, are increasingly being classified as high-risk due to outdated firmware, default credentials, and weak security controls.
- Attackers are exploiting vulnerabilities across IT, OT, IoT, and IoMT, with persistent threats on foundational assets such as routers, VoIP systems, UPS devices, and healthcare devices, emphasizing the need for integrated, cross-domain security strategies.
- Effective defense requires automated, continuous risk management that spans all connected environments, moving beyond isolated endpoint protection to address vulnerabilities in network infrastructure and minimally managed assets.
The Issue
A recent report from Forescout Technologies highlights a significant shift in cybersecurity risks within enterprise environments. Traditionally, endpoints such as laptops and mobile devices were seen as the primary targets. However, the report reveals that network infrastructure—especially routers—has now become the most critical area of vulnerability. This change is driven by attackers focusing on core network layers, exploiting weakly managed devices like routers, switches, and operational technology devices such as serial-to-IP converters, RFID readers, and healthcare systems. Many of these devices operate with outdated firmware, default credentials, and poorly monitored management interfaces, making them attractive entry points for cyberattacks. For instance, compromised routers and UPS devices could enable lateral movement across networks, allowing attackers to evade perimeter defenses and magnify their impact. The report also emphasizes how risks are expanding into operational technology (OT) and healthcare equipment, including MRI scanners and medication dispensing systems, which often run on legacy systems vulnerable to exploitation.
Furthermore, the report, based on millions of devices, underscores disparities across industries, with financial and government sectors experiencing far higher levels of risk compared to retail or manufacturing. This heightened exposure results from industry-specific vulnerabilities, such as fragmented operating systems and aging infrastructure, especially as Windows 10 approaches end-of-life. The report concludes that modern security strategies must be comprehensive and automated, prioritizing continuous risk management across IT, OT, IoT, and healthcare devices, rather than focusing solely on traditional endpoints. As threat actors shift their attention toward network infrastructure and specialized connected devices, organizations are urged to implement scalable, integrated defenses that can adapt to this evolving landscape to mitigate potential damage effectively.
Risks Involved
The Forescout 2026 Riskiest Connected Devices report highlights a growing threat that can impact any business—especially as operational technology (OT) and industrial control systems (ICS) become prime targets for cyber attackers. As networks expand and connect more devices, vulnerabilities deepen, making your critical infrastructure susceptible to breaches. If cybercriminals gain access, they could disrupt production, cause costly outages, or steal sensitive information. Consequently, your business faces serious financial losses, reputational damage, and operational delays. Therefore, it’s crucial for organizations to recognize these risks early, implement robust security measures, and monitor connected devices vigilantly to prevent exploitation.
Possible Actions
Ensuring swift remediation when vulnerabilities are identified is vital to prevent potentially catastrophic disruptions, especially as cyber attackers increasingly focus on operational technology (OT) and industrial control systems (ICS). The Forescout 2026 Riskiest Connected Devices report highlights a troubling rise in threats targeting network infrastructure, emphasizing the urgent need to act quickly to protect critical systems.
Assessment & Prioritization
Conduct comprehensive vulnerability assessments to identify susceptible devices; prioritize patches and fixes based on risk level and potential impact.
Patch Management
Implement rigorous patching processes to keep all connected devices current with security updates, reducing exploitable weaknesses.
Network Segmentation
Segment networks to isolate OT and ICS assets from general business systems, limiting attacker movement and exposure.
Continuous Monitoring
Utilize real-time monitoring tools to detect anomalous activity and potential breaches across all network segments.
Access Control
Enforce strict access controls, including multi-factor authentication and least privilege policies, to prevent unauthorized device access.
Incident Response Planning
Develop and regularly test incident response strategies specifically tailored to OT and ICS environments to ensure rapid containment and recovery.
Vendor Collaboration
Work closely with device manufacturers and solution providers to stay informed about emerging threats and recommended security measures.
Training & Awareness
Educate staff and engineers about evolving risks to foster vigilant security practices across the organization.
Explore More Security Insights
Discover cutting-edge developments in Emerging Tech and industry Insights.
Explore engineering-led approaches to digital security at IEEE Cybersecurity.
Disclaimer: The information provided may not always be accurate or up to date. Please do your own research, as the cybersecurity landscape evolves rapidly. Intended for secondary references purposes only.
Cyberattacks-V1cyberattack-v1-multisource
