A new report from cybersecurity firm Forescout reveals a critical shift in the cyber threat landscape: attackers are increasingly targeting non-traditional devices to gain a foothold in enterprise networks.
The company’s H1 2025 Threat Review found a significant increase in ransomware and zero-day exploits aimed at “overlooked and unconventional network corners” such as Internet of Things (IoT) devices, IP cameras, and BSD servers.
The report notes a worrying 46% increase in zero-day exploits, with ransomware attacks now averaging 20 per day.
This new wave of attacks is particularly dangerous because these devices often lack the sophisticated security controls, like Endpoint Detection and Response (EDR) software, that are standard on traditional IT assets.
Threat actors are exploiting this vulnerability to gain initial access and then using lateral movement to pivot across IT, OT (Operational Technology), and IoT environments, effectively using an IP camera or a smart thermostat as a silent entry point into a sensitive network.
The data underscores a growing challenge for cyber resilience. According to Forescout, the healthcare sector has been particularly hard-hit, averaging two breaches per day in the first half of 2025, many of which stem from hacking incidents.
The findings highlight that yesterday’s perimeter-based security is no longer sufficient. To defend against these evolving threats, organizations must adopt a continuous, proactive, and “device-agnostic” security strategy that provides comprehensive visibility and protection across all connected assets.
This includes implementing integrated detection solutions that can monitor and respond to threats from the smallest IoT device to the most critical OT system.
