Armis Identifies the Riskiest Assets Introducing Threats to Global Businesses
Armis, the leading asset visibility and security company, today released new research identifying the riskiest connected assets posing threats to global businesses. Findings highlight risk being introduced to organizations through a variety of connected assets across device classes, emphasizing a need for a comprehensive security strategy to protect an organization’s entire attack surface in real-time.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230905844605/en/
Source: Data from the Armis Asset Intelligence Engine collected between August 2022 and July 2023.
“Continuing to educate global businesses about the evolving and increased risk being introduced to their attack surface through managed and unmanaged assets is a key mission of ours,” said Nadir Izrael, CTO and Co-Founder of Armis. “This intelligence is crucial to helping organizations defend against malicious cyberattacks. Without it, business, security and IT leaders are in the dark, vulnerable to blind spots that bad actors will seek to exploit.”
Armis’ research, analyzed from the Armis Asset Intelligence Engine, focuses on connected assets with the most attack attempts, weaponized Common Vulnerabilities and Exposures (CVEs) and high-risk ratings to determine the riskiest assets.
Assets With The Highest Number of Attack Attempts
Armis found the top 10 asset types with the highest number of attack attempts were distributed across asset types: IT, OT, IoT, IoMT, Internet of Personal Things (IoPT) and Building Management Systems (BMS). This demonstrates that attackers care more about their potential access to assets rather than the type, reinforcing the need for security teams to account for all physical and virtual assets as part of their security strategy.
Top 10 device types with the highest number of attack attempts:
- Engineering workstations (OT)
- Imaging workstations (IoMT)
- Media players (IoT)
- Personal computers (IT)
- Virtual machines (IT)
- Uninterruptible power supply (UPS) devices (BMS)
- Servers (IT)
- Media writers (IoMT)
- Tablets (IoPT)
- Mobile phones (IoPT)
“Malicious actors are intentionally targeting these assets because they are externally accessible, have an expansive and intricate attack surface and known weaponized CVEs,” said Tom Gol, CTO of Research at Armis. “The potential impact of breaching these assets on businesses and their customers is also a critical factor when it comes to why these have the highest number of attack attempts. Engineering workstations can be connected to all controllers in a factory, imaging workstations will collect private patient data from hospitals and UPSs can serve as an access point to critical infrastructure entities, making all of these attractive targets for malicious actors with varying agendas, like deploying ransomware or causing destruction to society in the case of nation-state attacks. IT leaders need to prioritize asset intelligence cybersecurity and apply patches to mitigate this risk.”
Assets With Unpatched, Weaponized CVEs Vulnerable to Exploitation
Researchers identified a significant number of network-connected assets susceptible to unpatched, weaponized CVEs published before 1/1/2022. Zooming in on the highest percentage of devices of each type that had these CVEs between August 2022 and July 2023, Armis identified the list reflected in Figure A. Unpatched, these assets introduce significant risk to businesses.
Assets with a High-Risk Rating
Armis also examined asset types with the most common high-risk factors:
- Many physical devices on the list that take a long time to replace, such as servers and Programmable Logic Controllers (PLCs), run end-of-life (EOL) or end-of-support (EOS) operating systems. EOL assets are nearing the end of functional life but are still in use, while EOS assets are no longer actively supported or patched for vulnerabilities and security issues by the manufacturer.
- Some assets, including personal computers, demonstrated SMBv1 usage. SMBv1 is a legacy, unencrypted and complicated protocol with vulnerabilities that have been targeted in the infamous Wannacry and NotPetya attacks. Security experts have advised organizations to stop using it completely. Armis found that 74% of organizations today still have at least one asset in their network vulnerable to EternalBlue – an SMBv1 vulnerability.
- Many assets identified in the list exhibited high vulnerability scores, have had threats detected, have been flagged for unencrypted traffic or still have the CDPwn vulnerabilities impacting network infrastructure and VoIPs.
- Half (50%) of pneumatic tube systems were found to have an unsafe software update mechanism.
Additional research from Armis is available on the riskiest OT and ICS devices across critical infrastructure industries as well as the riskiest medical and IoT devices in clinical environments.
Learn more about Armis at www.armis.com.
About Armis
Armis, the leading asset visibility and security company, provides the industry’s first unified asset intelligence platform designed to address the new extended attack surface that connected assets create. Fortune 100 companies trust our real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. Armis provides passive cyber asset management, risk management, and automated enforcement. Armis is a privately held company and headquartered in California.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20230905844605/en/
Contact information
Rebecca Cradick
Senior Director, Global Communications
Armis
pr@armis.com
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
SCENTMATIC's AI "KAORIUM" Debuts at THAMEEN Fragrance Launch in London's Selfridges4.7.2025 12:13:00 EEST | Press release
SCENTMATIC Inc., a leader in scent digitalization, introduced its AI-powered scent-to-language system, KAORIUM, at the THAMEEN Fragrance new product launch event. This pivotal event took place from June 5 to 11, 2025, at Selfridges department store in London, UK. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250703662207/en/ State of exhibition Global Expansion: KAORIUM Establishes UK Presence Europe leads the global fragrance market, with the UK projected to reach US$2.82 billion by 2033. Recognizing this, SCENTMATIC is rapidly expanding its international footprint. In May 2024, SCENTMATIC established its overseas subsidiary, KAORIUM, in London, appointing industry expert Ben Yanoushek as CEO. Official UK operations commenced on February 1, 2025, with the launch of its dedicated website: www.kaorium.com. KAORIUM Trialed at "Florentine Diamond" Launch Event The "Florentine Diamond" launch event for luxury brand THAMEEN Frag
Global Tourism Surging Ahead of Economic Growth, With Visits to Hit 30 Billion by 20344.7.2025 02:00:00 EEST | Press release
The World Economic Forum has today published a new report forecasting that the travel and tourism industry is projected to serve 30 billion tourist trips by 2034. Travel and Tourism at a Turning Point: Principles for Transformative Growth, produced in collaboration with Kearney and the Ministry of Tourism Saudi Arabia, reveals a projected $16 trillion contribution to global GDP by the same year—representing more than 11% of the total world economy, according to World Travel & Tourism Council estimates. The report also found that the sector is expanding 1.5 times faster than the global economy, generating significant commercial opportunities as long as the mounting challenges of climate change, labour shortages and infrastructure gaps are addressed. Inbound and outbound trips increasing fast Asia is on track to become the world’s fastest-growing tourism economy, with the direct travel and tourism GDP contribution expected to exceed 7% across the region by 2034. Notably, India and China
The 2025-2026 World Branding Awards Animalis Edition Honouring Leading Pet and Animal Brands Globally3.7.2025 22:00:00 EEST | Press release
The 2025-2026 World Branding Awards Animalis Edition marked its fifth instalment, bringing together leading pet and animal brands from all around the world. These brands were celebrated for their outstanding achievements, earning recognition as National, Regional, and Global Winners. The awards ceremony, held at Vienna's prestigious Hofburg Palace, welcomed winners across diverse categories, including pet food, retail, wellness, pet exhibitions, and aquatic products. Mounia Berrada-Gouzi expertly hosted the evening, which culminated in a grand celebration of brand excellence. “The Animalis Edition of the World Branding Awards recognises brands that have achieved the highest distinction—genuine recognition in the hearts and minds of consumers. Tonight, we honour those whose names resonate globally, whose values inspire loyalty, and whose presence defines excellence in the pet and animal industry,” said Richard Rowles, Chairman of the World Branding Forum. Out of over 950 brands nominate
Venture Global Announces 20-Year Sales and Purchase Agreement with PETRONAS3.7.2025 15:59:00 EEST | Press release
Today, Venture Global, Inc. (NYSE: VG) announced the execution of a new 20-year Sales and Purchase Agreement (SPA) with PETRONAS LNG Ltd. (PLL), a subsidiary of the Malaysian state-owned oil and gas company, PETRONAS. Under the terms of the SPA, PETRONAS will purchase 1 million tonnes per annum (MTPA) of liquefied natural gas (LNG) from Venture Global’s third facility, CP2 LNG, for 20 years. This builds upon Venture Global’s existing agreement with PETRONAS for 1 MTPA of LNG supply from Plaquemines LNG. PETRONAS, a world-class partner in the LNG industry, joins other CP2 LNG customers in Europe, Asia and the rest of the world in a strategically important project to global energy supply and security. To date, approximately 10.75 MTPA of the 14.4 MTPA nameplate capacity for CP2 Phase One has been sold. About Venture Global Venture Global is a long-term, low-cost provider of U.S. LNG sourced from resource rich North American natural gas basins. Venture Global’s business includes assets ac
Frost & Sullivan Recognizes Novotech as 2025 Global Biotech CRO Company of the Year3.7.2025 15:05:00 EEST | Press release
In recognition of its innovation, client-focused delivery, and global impact, Novotech has been awarded the 2025 Global Biotechnology Contract Research Organization (CRO) Company of the Year by Frost & Sullivan. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250703950144/en/ Novotech Wins Global CRO Award Novotech is a globally recognized full-service clinical CRO and scientific advisory firm, trusted by biotech and small- to mid-sized pharmaceutical companies to advance their drug development programs at every phase. With a global footprint spanning Asia-Pacific, North America, and Europe, Novotech supports over 5,000 clinical trial sites and a distributed team of experts delivering seamless, end-to-end solutions across geographies. “Novotech is redefining biotech-focused clinical research through AI-driven innovation, global expansion, and a client-embedded partnership model. With a clear vision to be the CRO of choice for
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom