How Are Network Infrastructure Attacks Outpacing Endpoint Risks?

June 10, 2024

The world of cybersecurity is undergoing a pivotal transformation. As we entrench ourselves deeper into the digital age, the very nature of threats to our interconnected systems evolves. Cybersecurity isn’t just about defending endpoints anymore—the spotlight has shifted to the networks that bind them. A comprehensive report by Vedere Labs from Forescout Research reveals these emerging patterns, drawing from an extensive analysis of close to 19 million devices worldwide. Key findings indicate a discernible shift in the landscape of digital threats, as network infrastructure attacks now loom larger over endpoint security risks, marking a new era of challenges for IT security professionals.

The Rise of Network Infrastructure Vulnerabilities

A Paradigm Shift in Device Threat Levels

The “Riskiest Connected Devices in 2024” report uncovers that IT devices, once the primary target, now embody 58% of vulnerabilities, showing a decrease from prior years. Meanwhile, IoT vulnerabilities have climbed to one-third of the total, suggesting a dynamic transition in the attack landscape that adversaries are eager to exploit. What stands out in the findings is the diversity of the vulnerabilities: critical security gaps are not just found in what one might consider high-profile targets. Wireless access points, routers, printers, VoIP equipment, and IP cameras—devices that often go unnoticed—are increasingly exploited.

This trend brings to light the risks associated with unmanaged devices that pervade our networks, largely unchecked. From VoIP equipment and network gear to the seemingly innocuous office printers, the growing exposure points to a larger issue—many organizations may be unaware of the lurking vulnerabilities within their own networks. As attacks become more sophisticated, sectors like technology, education, and manufacturing face heightened risks. Conversely, the healthcare sector has improved its defense stance, thanks in part to a move away from outdated systems and protocols that once made it an easy target for cyber threats.

Pervasive Vulnerability Across Industries

Attackers are no longer limiting their offensive to a singular type of device; rather, they are launching comprehensive assaults that exploit weaknesses across IT, IoT, OT, and IoMT devices—particularly in the healthcare sector. This approach reflects a strategic shift by cyber adversaries, one that demands an equally wide-reaching defensive strategy from organizations. To effectively counter the risks, security protocols must be inclusive of all devices that operate within an organization’s network, ensuring systematic assessment, prioritization, and mitigation of vulnerabilities.

But not all ports are equal in the eyes of a cybercriminal; certain ones, like SMB Protocol, RDP, SSH, and Telnet, remain favored venues for entry. Here too, the nature of the threat has evolved as industries experience a move from older protocols like Telnet to newer ones such as SSH. Despite the growing attention towards network infrastructure, traditional endpoints—computers, mobile devices, servers—still remain significant weak spots, underlining the necessity for multi-dimensional security practices.

A Call to Advance Cybersecurity Measures

Enhanced Risk and Exposure Management

Given this alarming shift to network infrastructure vulnerabilities, there’s a pressing need for advanced techniques in risk and exposure management. Traditional security solutions prove insufficient against the dynamic and broad spectrum of today’s cyber threats. The report advises organizations to pivot towards a security model capable of handling an integrated array of connected devices, which, in practice, means adopting a more nuanced and flexible strategy to protect the vast expanse of an enterprise’s digital footprint.

Subscribe to our weekly news digest!

Join now and become a part of our fast-growing community.

Invalid Email Address
Thanks for subscribing.
We'll be sending you our best soon.
Something went wrong, please try again later