Business Wire

Armis Identifies the Riskiest Assets Introducing Threats to Global Businesses

5.9.2023 16:00:00 EEST | Business Wire | Press release

Share

Armis, the leading asset visibility and security company, today released new research identifying the riskiest connected assets posing threats to global businesses. Findings highlight risk being introduced to organizations through a variety of connected assets across device classes, emphasizing a need for a comprehensive security strategy to protect an organization’s entire attack surface in real-time.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230905844605/en/

To view this piece of content from mms.businesswire.com, please give your consent at the top of this page.

Source: Data from the Armis Asset Intelligence Engine collected between August 2022 and July 2023.

“Continuing to educate global businesses about the evolving and increased risk being introduced to their attack surface through managed and unmanaged assets is a key mission of ours,” said Nadir Izrael, CTO and Co-Founder of Armis. “This intelligence is crucial to helping organizations defend against malicious cyberattacks. Without it, business, security and IT leaders are in the dark, vulnerable to blind spots that bad actors will seek to exploit.”

Armis’ research, analyzed from the Armis Asset Intelligence Engine, focuses on connected assets with the most attack attempts, weaponized Common Vulnerabilities and Exposures (CVEs) and high-risk ratings to determine the riskiest assets.

Assets With The Highest Number of Attack Attempts

Armis found the top 10 asset types with the highest number of attack attempts were distributed across asset types: IT, OT, IoT, IoMT, Internet of Personal Things (IoPT) and Building Management Systems (BMS). This demonstrates that attackers care more about their potential access to assets rather than the type, reinforcing the need for security teams to account for all physical and virtual assets as part of their security strategy.

Top 10 device types with the highest number of attack attempts:

  • Engineering workstations (OT)
  • Imaging workstations (IoMT)
  • Media players (IoT)
  • Personal computers (IT)
  • Virtual machines (IT)
  • Uninterruptible power supply (UPS) devices (BMS)
  • Servers (IT)
  • Media writers (IoMT)
  • Tablets (IoPT)
  • Mobile phones (IoPT)

“Malicious actors are intentionally targeting these assets because they are externally accessible, have an expansive and intricate attack surface and known weaponized CVEs,” said Tom Gol, CTO of Research at Armis. “The potential impact of breaching these assets on businesses and their customers is also a critical factor when it comes to why these have the highest number of attack attempts. Engineering workstations can be connected to all controllers in a factory, imaging workstations will collect private patient data from hospitals and UPSs can serve as an access point to critical infrastructure entities, making all of these attractive targets for malicious actors with varying agendas, like deploying ransomware or causing destruction to society in the case of nation-state attacks. IT leaders need to prioritize asset intelligence cybersecurity and apply patches to mitigate this risk.”

Assets With Unpatched, Weaponized CVEs Vulnerable to Exploitation

Researchers identified a significant number of network-connected assets susceptible to unpatched, weaponized CVEs published before 1/1/2022. Zooming in on the highest percentage of devices of each type that had these CVEs between August 2022 and July 2023, Armis identified the list reflected in Figure A. Unpatched, these assets introduce significant risk to businesses.

Assets with a High-Risk Rating

Armis also examined asset types with the most common high-risk factors:

  • Many physical devices on the list that take a long time to replace, such as servers and Programmable Logic Controllers (PLCs), run end-of-life (EOL) or end-of-support (EOS) operating systems. EOL assets are nearing the end of functional life but are still in use, while EOS assets are no longer actively supported or patched for vulnerabilities and security issues by the manufacturer.
  • Some assets, including personal computers, demonstrated SMBv1 usage. SMBv1 is a legacy, unencrypted and complicated protocol with vulnerabilities that have been targeted in the infamous Wannacry and NotPetya attacks. Security experts have advised organizations to stop using it completely. Armis found that 74% of organizations today still have at least one asset in their network vulnerable to EternalBlue – an SMBv1 vulnerability.
  • Many assets identified in the list exhibited high vulnerability scores, have had threats detected, have been flagged for unencrypted traffic or still have the CDPwn vulnerabilities impacting network infrastructure and VoIPs.
  • Half (50%) of pneumatic tube systems were found to have an unsafe software update mechanism.

Additional research from Armis is available on the riskiest OT and ICS devices across critical infrastructure industries as well as the riskiest medical and IoT devices in clinical environments.

Learn more about Armis at www.armis.com.

About Armis

Armis, the leading asset visibility and security company, provides the industry’s first unified asset intelligence platform designed to address the new extended attack surface that connected assets create. Fortune 100 companies trust our real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. Armis provides passive cyber asset management, risk management, and automated enforcement. Armis is a privately held company and headquartered in California.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

Contact information

Rebecca Cradick
Senior Director, Global Communications
Armis
pr@armis.com

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Access Advance and Alibaba Announce Alibaba's Expanded Participation in the VDP Pool2.7.2026 03:00:00 EEST | Press release

Access Advance LLC and Alibaba Group today announced that Alibaba has joined the Access Advance Video Distribution Patent Pool (VDP Pool) as a Licensee, securing a license to the pool's comprehensive coverage of HEVC, VVC, VP9, and AV1 codec technologies. The announcement marks a milestone in a multi-year collaboration between the two companies that spans the VVC Advance Patent Pool, where Alibaba participates as both a Licensor and Licensee, and the VDP Pool, where Alibaba joined as a Licensor in 2025. Alibaba's subsidiary Youku, one of China's leading streaming platforms, also joined the VDP Pool as a Licensee in 2025. Alibaba operates one of the world's most diverse video ecosystems, spanning a wide range of video-based services across e-commerce, entertainment, and digital media. As video has become central to how consumers shop, communicate, and access entertainment, the breadth of Alibaba's video operations reflects the kind of business model complexity the VDP Pool was designed

Vertex Announces US FDA Approval for Expanded Use of CASGEVY ® for the Treatment of People Ages 2 Years and Older With Sickle Cell Disease or Transfusion-Dependent Beta Thalassemia2.7.2026 02:58:00 EEST | Press release

Vertex Pharmaceuticals Incorporated (Nasdaq: VRTX) announced today that the U.S. Food and Drug Administration (FDA) has approved expanded use of CASGEVY® (exagamglogene autotemcel) for the treatment of people ages 2 years and older with either sickle cell disease (SCD) with recurrent vaso-occlusive crises (VOCs) or transfusion-dependent beta thalassemia (TDT). CASGEVY is the first approved genetic therapy indicated for children as young as 2 years for both SCD and TDT. “Just as we redefined what is possible in cystic fibrosis, our ambition is to transform the future for people living with sickle cell disease and transfusion-dependent beta thalassemia. The remarkable consistency of results across age groups reinforces the potential of CASGEVY to deliver durable, transformative benefits to those who have historically had limited options,” said Reshma Kewalramani, M.D., Chief Executive Officer and President, Vertex. “We’re deeply grateful to the patients, families and investigators who pa

Robinhood Chooses Morpho to Power New Earn Product1.7.2026 22:15:00 EEST | Press release

Morpho, the open blockchain-based credit network, today announced it will power Robinhood’s new Earn product, enabling Robinhood's millions of eligible users more options to earn yield onchain via a self-custody wallet, directly within the Robinhood app. The product will roll out progressively to Robinhood's US customer base over the coming weeks. The Robinhood Earn product aims to provide risk-adjusted yield on idle balances using USDG, a dollar-pegged stablecoin. Morpho serves as the underlying credit network, Steakhouse Financial curates the vault infrastructure supporting the product, and Robinhood Chain acts as the settlement layer. The product is delivered through a seamless experience in the Robinhood app. Morpho operates as an open network on the blockchain. Lenders and borrowers compete in real time, helping create more efficient markets and enabling financial products with better rates and terms for users. USDG supplied through Robinhood Earn is deposited into a Morpho Vault

Photonics Innovators Worldwide Invited to Compete for SPIE Prism Awards1.7.2026 21:33:00 EEST | Press release

SPIE, the international society of optics and photonics, invites the optics and photonics community to apply for this year’s SPIE Prism Awards, which recognize outstanding new products making waves on the market. Honorees will be announced at the highly-anticipated award ceremony on 3 February 2027 at SPIE Photonics West in San Francisco, California. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260701642411/en/ SPIE Prism Awards honor exceptional new products transforming optics and photonics technologies. These awards, dubbed the “Oscars of Photonics,” provide scientists and engineers in the optics and photonics industry the opportunity to showcase their contributions to the field. Finalists and winners receive extensive print, web, and onsite promotion at SPIE Photonics West, which draws more than 22,000 researchers and industry leaders every year. “The Prism Awards are recognized across the optics and photonics industry

Around 500 Attend Sino-European ESG Conference in Germany1.7.2026 19:00:00 EEST | Press release

Around 500 government officials, business executives and academics from China and Europe gathered in the western German city of Mainz on Friday for the Third Sino-European Corporate ESG Best Practice Conference to discuss how deeper cooperation can support sustainable economic growth. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260701255421/en/ Group photo of selected attendees at the conference. Hosted by the Chinese Consulate General in Frankfurt and jointly organized with authorities from Germany and China, the conference brought together participants from China, Germany, France, Italy, the Netherlands, Denmark, Luxembourg and several other countries under the theme "From Vision to Practice: Empowering Sustainable Growth Through Collaboration." Francesco La Camera, Director-General of the International Renewable Energy Agency (IRENA), delivered a video address. Speaking at the opening ceremony, Huang Yiyang, Chinese Co

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye