IoT devices expose enterprise networks through unpatched protocols and default credentials

Smart devices in offices and industrial settings create persistent security gaps through outdated firmware, weak protocols like MQTT and CoAP, and manufacturer abandonment. With 70% of vulnerabilities in hard-to-patch network devices and ransomware damage hitting $57B annually, enterprise leaders need visibility beyond traditional IAM.

The Problem

IoT devices have quietly become the enterprise network's weakest link. Not the flashy ones—the forgotten security cameras from 2022, building management sensors, and industrial monitors that haven't received firmware updates in years but still work well enough to ignore.

The numbers tell the story: 70% of IoT vulnerabilities sit in devices too deep in networks to patch easily. Meanwhile, 29% of exploits target public-facing applications, and 21% use compromised credentials—often factory defaults that were never changed.

The Attack Surface

Two protocols dominate IoT communication, and both have known issues:

MQTT (Message Queuing Telemetry Transport) is lightweight and popular, which makes it a target. Even the default TLS port, 8883, is often served without properly configured TLS encryption. Worse, many implementations skip authentication entirely or use default broker credentials. Man-in-the-middle attacks are straightforward when encryption is missing.

CoAP (Constrained Application Protocol) has its own problems. The Observe feature, designed for efficient updates, can be weaponized for amplification attacks. CoAP's UDP foundation makes it faster than MQTT's TCP but harder to secure.

Compare both to HTTPS and they look fragile. They were designed for constrained devices, not hostile networks.
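As an added example (not part of the original article), a small Python audit that flags the two MQTT weaknesses just described in a Mosquitto-style broker configuration: listeners with no TLS material and listeners that accept anonymous clients. The option names are Mosquitto's; the sample config and its file paths are constructed.

```python
"""Audit a Mosquitto-style MQTT broker config for the weaknesses named above:
plaintext listeners (no certfile/keyfile) and listeners that admit anonymous
clients. Assumes Mosquitto's 'key value' config syntax; sample is constructed."""

# Constructed sample, not a real deployment: a plaintext listener that allows
# anonymous clients beside a TLS listener that requires a password file.
SAMPLE_CONF = """\
listener 8883
allow_anonymous true      # weak: no credentials required, no TLS material

listener 8884
certfile /etc/mosquitto/broker.crt
keyfile /etc/mosquitto/broker.key
allow_anonymous false
password_file /etc/mosquitto/passwd
"""

TLS_KEYS = {"certfile", "keyfile"}  # both required for a TLS-enabled listener


def parse_listeners(text):
    """Return [(port, options)] grouping 'key value' lines under the most recent
    'listener <port> [bind]' line. Options seen before any listener are copied
    into every listener as defaults (a simplification of Mosquitto's rules)."""
    defaults, listeners = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip comments and whitespace
        if not line:
            continue
        key, _, value = line.partition(" ")
        if key == "listener":
            listeners.append((int(value.split()[0]), dict(defaults)))
        elif listeners:
            listeners[-1][1][key] = value.strip()
        else:
            defaults[key] = value.strip()
    return listeners


def audit(text):
    """Return (port, finding) tuples for listeners a defender should fix."""
    findings = []
    for port, opts in parse_listeners(text):
        missing = TLS_KEYS - opts.keys()
        if missing:
            findings.append((port, "plaintext listener, missing " + ", ".join(sorted(missing))))
        if opts.get("allow_anonymous", "false").lower() == "true":
            findings.append((port, "anonymous clients allowed"))
        elif "password_file" not in opts and opts.get("require_certificate") != "true":
            findings.append((port, "no password_file and no client-certificate auth"))
    return findings
```

Running `audit(SAMPLE_CONF)` reports only the 8883 listener; the same check can be run over a fleet of exported broker configs during asset inventory.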

What This Means in Practice

Enterprise environments face compounding risks:

  • Legacy operational technology (OT) and building systems sit outside identity and access management
  • Manufacturers stop supporting devices while they're still deployed
  • Unmanaged endpoints create blind spots in network monitoring
  • Device proliferation outpaces security team capacity

The EU's Cyber Resilience Act is pushing manufacturer liability and mandatory updates. CISA's Cybersecurity Performance Goals 2.0 target remote access controls. Regulations are catching up, but implementation lags.

The Real Work

Three things matter:

  1. Asset visibility - You can't secure what you don't know exists. Many enterprises don't have complete IoT inventories.
  2. Network segmentation - IoT devices shouldn't share networks with critical systems. Zero-trust architecture helps but requires commitment.
  3. Patch governance - Define end-of-life policies before deployment. When a vendor stops shipping updates, the device comes offline.

The alternative is accepting that every smart thermostat and networked sensor is a potential entry point. History suggests that doesn't end well.