Armis Identifies the Riskiest Assets Introducing Threats to Global Businesses
5.9.2023 16:00:00 EEST | Business Wire | Press release
Armis, the leading asset visibility and security company, today released new research identifying the riskiest connected assets posing threats to global businesses. Findings highlight risk being introduced to organizations through a variety of connected assets across device classes, emphasizing a need for a comprehensive security strategy to protect an organization’s entire attack surface in real-time.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230905844605/en/
Source: Data from the Armis Asset Intelligence Engine collected between August 2022 and July 2023.
“Continuing to educate global businesses about the evolving and increased risk being introduced to their attack surface through managed and unmanaged assets is a key mission of ours,” said Nadir Izrael, CTO and Co-Founder of Armis. “This intelligence is crucial to helping organizations defend against malicious cyberattacks. Without it, business, security and IT leaders are in the dark, vulnerable to blind spots that bad actors will seek to exploit.”
Armis’ research, analyzed from the Armis Asset Intelligence Engine, focuses on connected assets with the most attack attempts, weaponized Common Vulnerabilities and Exposures (CVEs) and high-risk ratings to determine the riskiest assets.
Assets With The Highest Number of Attack Attempts
Armis found the top 10 asset types with the highest number of attack attempts were distributed across asset types: IT, OT, IoT, IoMT, Internet of Personal Things (IoPT) and Building Management Systems (BMS). This demonstrates that attackers care more about their potential access to assets rather than the type, reinforcing the need for security teams to account for all physical and virtual assets as part of their security strategy.
Top 10 device types with the highest number of attack attempts:
- Engineering workstations (OT)
- Imaging workstations (IoMT)
- Media players (IoT)
- Personal computers (IT)
- Virtual machines (IT)
- Uninterruptible power supply (UPS) devices (BMS)
- Servers (IT)
- Media writers (IoMT)
- Tablets (IoPT)
- Mobile phones (IoPT)
“Malicious actors are intentionally targeting these assets because they are externally accessible, have an expansive and intricate attack surface and known weaponized CVEs,” said Tom Gol, CTO of Research at Armis. “The potential impact of breaching these assets on businesses and their customers is also a critical factor when it comes to why these have the highest number of attack attempts. Engineering workstations can be connected to all controllers in a factory, imaging workstations will collect private patient data from hospitals and UPSs can serve as an access point to critical infrastructure entities, making all of these attractive targets for malicious actors with varying agendas, like deploying ransomware or causing destruction to society in the case of nation-state attacks. IT leaders need to prioritize asset intelligence cybersecurity and apply patches to mitigate this risk.”
Assets With Unpatched, Weaponized CVEs Vulnerable to Exploitation
Researchers identified a significant number of network-connected assets susceptible to unpatched, weaponized CVEs published before 1/1/2022. Zooming in on the highest percentage of devices of each type that had these CVEs between August 2022 and July 2023, Armis identified the list reflected in Figure A. Unpatched, these assets introduce significant risk to businesses.
Assets with a High-Risk Rating
Armis also examined asset types with the most common high-risk factors:
- Many physical devices on the list that take a long time to replace, such as servers and Programmable Logic Controllers (PLCs), run end-of-life (EOL) or end-of-support (EOS) operating systems. EOL assets are nearing the end of functional life but are still in use, while EOS assets are no longer actively supported or patched for vulnerabilities and security issues by the manufacturer.
- Some assets, including personal computers, demonstrated SMBv1 usage. SMBv1 is a legacy, unencrypted and complicated protocol with vulnerabilities that have been targeted in the infamous Wannacry and NotPetya attacks. Security experts have advised organizations to stop using it completely. Armis found that 74% of organizations today still have at least one asset in their network vulnerable to EternalBlue – an SMBv1 vulnerability.
- Many assets identified in the list exhibited high vulnerability scores, have had threats detected, have been flagged for unencrypted traffic or still have the CDPwn vulnerabilities impacting network infrastructure and VoIPs.
- Half (50%) of pneumatic tube systems were found to have an unsafe software update mechanism.
Additional research from Armis is available on the riskiest OT and ICS devices across critical infrastructure industries as well as the riskiest medical and IoT devices in clinical environments.
Learn more about Armis at www.armis.com.
About Armis
Armis, the leading asset visibility and security company, provides the industry’s first unified asset intelligence platform designed to address the new extended attack surface that connected assets create. Fortune 100 companies trust our real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. Armis provides passive cyber asset management, risk management, and automated enforcement. Armis is a privately held company and headquartered in California.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20230905844605/en/
Contact information
Rebecca Cradick
Senior Director, Global Communications
Armis
pr@armis.com
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Samos Energy Acquisition Corporation Announces Pricing of Initial Public Offering10.7.2026 16:32:00 EEST | Press release
Samos Energy Acquisition Corporation (the “Company”) announced today the pricing of its initial public offering (“IPO”) of 20,000,000 units at a price of $10.00 per unit. The units will be listed on the New York Stock Exchange (the “NYSE”) and trade under the ticker symbol “SAMO.U” beginning on July 10, 2026. Each unit consists of one Class A ordinary share and one-half of one redeemable warrant, with each whole warrant entitling the holder thereof to purchase one of the Company’s Class A ordinary shares at an exercise price of $11.50 per share. Once the securities comprising the units begin separate trading, the Class A ordinary shares and warrants are expected to be listed on the NYSE under the symbols “SAMO” and “SAMO.WS,” respectively. Cantor Fitzgerald & Co. is acting as the sole book running manager for the proposed offering. The Company has granted the underwriter a 45-day option to purchase up to an additional 3,000,000 units at the IPO price. The public offering is being made
Onera hPSG ® Wins Prestigious Red Dot Product Design Award10.7.2026 16:00:00 EEST | Press release
Onera Health, a leader in transforming sleep medicine, announces that its innovative product, Onera hPSG®, has been honoured with the prestigious Red Dot Product Design Award for 2026. This international recognition celebrates exceptional design quality and underscores Onera Health's commitment to excellence, creativity, and patient-centric innovation. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260710266668/en/ Onera Health's patch-based home polysomnography solution, Onera hPSG®, wins Prestigious Red Dot Product Design Award 2026. The Red Dot Award, one of the most sought-after seals of quality for good design, attracted thousands of entries from around the globe. Onera hPSG® stood out for outstanding functionality, striking aesthetics, and thoughtful user experience. The expert jury praised the product for translating complex sleep diagnostics into a wearable, easy-to-use system that enables low-threshold application.
teamLab Biovortex Kyoto Welcomes Over 1 Million Visitors within 9 Months of Opening10.7.2026 10:00:00 EEST | Press release
teamLab Biovortex Kyoto has welcomed over 1 million visitors as of July 6, 2026, 9 months after its grand opening. (*1) These visitors arrived from more than 150 countries and regions. International visitors account for approximately 42% of the total. Many of these international visitors travel from distant countries and regions, including the United States, Australia, Canada, the United Kingdom, and Germany. Approximately 30% of these international visitors purchase their tickets at least 30 days in advance. teamLab Biovortex Kyoto is teamLab's largest museum in Japan, with an average visitor stay of over two and a half hours. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260709913938/en/ teamLab Biovortex Kyoto Welcomes Over 1 Million Visitors within 9 Months of Opening *1 According to ticket purchase data from the official teamLab Biovortex Kyoto website (survey period: October 7, 2025 – July 6, 2026) Visitors Comment (M
Robbyant Launches LingBot-VA 2.0 Built Natively for Embodied AI and Physical World Control10.7.2026 09:48:00 EEST | Press release
Robbyant, an embodied AI company within Ant Group, today announced the release of LingBot-VA 2.0, the industry’s first embodied-native video-action world model. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260709654440/en/ A robot powered by LingBot-VA 2.0 engages in a real-time tabletop air hockey match with a human This release marks a key transition in robotics foundation models, shifting from repurposing digital world models to designing them natively for the physical world. Instead of relying on fine-tuned digital content generation models, LingBot-VA 2.0 is built from scratch to meet the original demands of dynamic modeling, causal prediction, and real-time execution in physical environments. Integrating world models with embodied AI has been one of the major focuses of the AI industry. However, most mainstream approaches rely on video generation models designed for digital content, which are then fine-tuned for robo
SureWerx Appoints Erik Pertot as VP/GM SureWerx EMEA10.7.2026 09:00:00 EEST | Press release
SureWerx, a leading global manufacturer of personal protective equipment, safety products, tools and equipment solutions, today announced the appointment of Erik Pertot as VP/GM SureWerx EMEA. Pertot will report directly to CEO Scott Dowell and will lead growth, manufacturing and M&A activities in Europe across the company’s global portfolio. Erik joins SureWerx with more than 20 years of international leadership experience across engineering, quality, marketing, sales, international supply chain, product management, and general management. He brings deep expertise in the personal protective equipment industry, with a track record of leading complex, compliance-critical programs, managing business transitions, and driving growth across multinational environments. Most recently, Pertot served as Global General Manager for Footwear and Fall Protection at Protective Industrial Products (PIP), where he also held senior portfolio management leadership roles. Prior to that, he held a series
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom
