Business Wire

Armis Identifies the Riskiest Assets Introducing Threats to Global Businesses

5.9.2023 16:00:00 EEST | Business Wire | Press release

Share

Armis, the leading asset visibility and security company, today released new research identifying the riskiest connected assets posing threats to global businesses. Findings highlight risk being introduced to organizations through a variety of connected assets across device classes, emphasizing a need for a comprehensive security strategy to protect an organization’s entire attack surface in real-time.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230905844605/en/

To view this piece of content from mms.businesswire.com, please give your consent at the top of this page.

Source: Data from the Armis Asset Intelligence Engine collected between August 2022 and July 2023.

“Continuing to educate global businesses about the evolving and increased risk being introduced to their attack surface through managed and unmanaged assets is a key mission of ours,” said Nadir Izrael, CTO and Co-Founder of Armis. “This intelligence is crucial to helping organizations defend against malicious cyberattacks. Without it, business, security and IT leaders are in the dark, vulnerable to blind spots that bad actors will seek to exploit.”

Armis’ research, analyzed from the Armis Asset Intelligence Engine, focuses on connected assets with the most attack attempts, weaponized Common Vulnerabilities and Exposures (CVEs) and high-risk ratings to determine the riskiest assets.

Assets With The Highest Number of Attack Attempts

Armis found the top 10 asset types with the highest number of attack attempts were distributed across asset types: IT, OT, IoT, IoMT, Internet of Personal Things (IoPT) and Building Management Systems (BMS). This demonstrates that attackers care more about their potential access to assets rather than the type, reinforcing the need for security teams to account for all physical and virtual assets as part of their security strategy.

Top 10 device types with the highest number of attack attempts:

  • Engineering workstations (OT)
  • Imaging workstations (IoMT)
  • Media players (IoT)
  • Personal computers (IT)
  • Virtual machines (IT)
  • Uninterruptible power supply (UPS) devices (BMS)
  • Servers (IT)
  • Media writers (IoMT)
  • Tablets (IoPT)
  • Mobile phones (IoPT)

“Malicious actors are intentionally targeting these assets because they are externally accessible, have an expansive and intricate attack surface and known weaponized CVEs,” said Tom Gol, CTO of Research at Armis. “The potential impact of breaching these assets on businesses and their customers is also a critical factor when it comes to why these have the highest number of attack attempts. Engineering workstations can be connected to all controllers in a factory, imaging workstations will collect private patient data from hospitals and UPSs can serve as an access point to critical infrastructure entities, making all of these attractive targets for malicious actors with varying agendas, like deploying ransomware or causing destruction to society in the case of nation-state attacks. IT leaders need to prioritize asset intelligence cybersecurity and apply patches to mitigate this risk.”

Assets With Unpatched, Weaponized CVEs Vulnerable to Exploitation

Researchers identified a significant number of network-connected assets susceptible to unpatched, weaponized CVEs published before 1/1/2022. Zooming in on the highest percentage of devices of each type that had these CVEs between August 2022 and July 2023, Armis identified the list reflected in Figure A. Unpatched, these assets introduce significant risk to businesses.

Assets with a High-Risk Rating

Armis also examined asset types with the most common high-risk factors:

  • Many physical devices on the list that take a long time to replace, such as servers and Programmable Logic Controllers (PLCs), run end-of-life (EOL) or end-of-support (EOS) operating systems. EOL assets are nearing the end of functional life but are still in use, while EOS assets are no longer actively supported or patched for vulnerabilities and security issues by the manufacturer.
  • Some assets, including personal computers, demonstrated SMBv1 usage. SMBv1 is a legacy, unencrypted and complicated protocol with vulnerabilities that have been targeted in the infamous Wannacry and NotPetya attacks. Security experts have advised organizations to stop using it completely. Armis found that 74% of organizations today still have at least one asset in their network vulnerable to EternalBlue – an SMBv1 vulnerability.
  • Many assets identified in the list exhibited high vulnerability scores, have had threats detected, have been flagged for unencrypted traffic or still have the CDPwn vulnerabilities impacting network infrastructure and VoIPs.
  • Half (50%) of pneumatic tube systems were found to have an unsafe software update mechanism.

Additional research from Armis is available on the riskiest OT and ICS devices across critical infrastructure industries as well as the riskiest medical and IoT devices in clinical environments.

Learn more about Armis at www.armis.com.

About Armis

Armis, the leading asset visibility and security company, provides the industry’s first unified asset intelligence platform designed to address the new extended attack surface that connected assets create. Fortune 100 companies trust our real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. Armis provides passive cyber asset management, risk management, and automated enforcement. Armis is a privately held company and headquartered in California.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

Contact information

Rebecca Cradick
Senior Director, Global Communications
Armis
pr@armis.com

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Samsung Becomes a Sisvel Wi-Fi Multimode Pool Licensee and Licensor14.7.2026 10:09:00 EEST | Press release

Samsung Electronics has signed up as a licensee of the Sisvel Wi-Fi Multimode pool and has also become a licensor under the programme. The decision by the South Korean company - a global R&D powerhouse and among the world’s top smartphone vendors, as well as a leader in many other electronic product categories - not only confirms the Sisvel Wi-Fi Multimode pool as a recognised solution provider for parties seeking to derisk Wi-Fi implementation but also considerably expands the scope of the programme’s patent offering. Since it was publicly launched in January 2026, ASUS, Hewlett Packard Enterprise, Microsoft and Sony Group Corporation have become licensees of the Sisvel Wi-Fi Multimode pool. There are also five licensor/licensee companies: Huawei, Panasonic, Philips, Samsung Electronics and ZTE. The other licensors are KPN, Mitsubishi Electric, Orange, Aegis 11 SA, SK Telecom and Wilus. The agreement announced today ends litigation in the Eastern District of Texas between Samsung Elec

Wolters Kluwer Integrates Legal Intelligence Platform With Libra Legal AI Workspace in the Netherlands14.7.2026 10:00:00 EEST | Press release

Wolters Kluwer Legal & Regulatory today announced the integration of its Legal Intelligence multi-content-provider platform with the Libra by Wolters Kluwer AI workspace in the Netherlands. Dutch legal professionals will now be able to access more than 5000 additional pieces of expert legal content from Wolters Kluwer and third-party content providers as well as public sources in addition to the existing content offerings in Libra. “By bringing Legal Intelligence into Libra, we move beyond traditional search to truly integrated, AI-driven workflows,” said Rimco Spanjer, Vice President & Managing Director, Wolters Kluwer Legal & Regulatory Benelux. “Combining our authoritative content with trusted third-party sources in one AI workspace enables legal professionals to work smarter every day.” The integration will include trusted legal content from Kluwer Law International, Ars Aequi, Amsterdam University Press, Celsus Juridische uitgerij, Iustitia Scripta, M.A.D.Lex, MOC Uitgeverij, NL-F

Empire State Building Observation Deck Debuts New Family Bundle Ticket Options13.7.2026 23:30:00 EEST | Press release

The Empire State Building Observation Deck (ESBOD), atop the “World’s Most Famous Building,” announced today new ticket bundle options for families of all ages to save on their visit to the famed New York City landmark. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260713003884/en/ Empire State Building Observation Deck Debuts New Family Bundle Ticket Options Groups of four who purchase the new Family Ticket Bundle can save up to 20 percent on tickets to the Empire State Building’s iconic 86th and 102nd Floor Observation Decks, with options for express access and flex admission. The Family Ticket Bundle is available online only. “The Empire State Building Observation Deck is one of the best activities for families in NYC with immersive, educational museum exhibits and Manhattan’s best skyline views,” said Dan Rogoski, observatory general manager. “There is no better place to make family memories than at the #1 attraction in

Kinaxis Inc. to Host Second Quarter 2026 Financial Results Conference Call on August 6, 202613.7.2026 23:05:00 EEST | Press release

Kinaxis® Inc. (TSX:KXS), a global leader in end-to-end supply chain planning and orchestration, today announced that it has scheduled a conference call to discuss its financial results for the second quarter ended June 30, 2026. The call will be hosted on Thursday, August 6, 2026, at 8:30 a.m. Eastern Time by Razat Gaurav, Chief Executive Officer, and Peter Yaraskavitch, Vice President, Financial Planning and Analysis, followed by a question and answer period. The Company will report its financial results for the second quarter after the close of markets on Wednesday, August 5, 2026. CONFERENCE CALL DETAILS DATE: Thursday, August 6, 2026 TIME: 8:30 a.m. Eastern Time WEBCAST: https://events.q4inc.com/attendee/854228135 (available for three months) About Kinaxis Kinaxis is a leader in modern supply chain orchestration, powering complex global supply chains and supporting the people who manage them. Our powerful, AI-infused supply chain orchestration platform, Maestro, combines proprietar

PagerDuty Announces Arnaud Lagarde, Vice President of EMEA13.7.2026 23:05:00 EEST | Press release

PagerDuty, Inc. (NYSE: PD), a leader in AI-first operations management, today announced the appointment of Arnaud Lagarde as vice president of EMEA. Lagarde will lead PagerDuty’s next phase of growth in the EMEA region, bringing the entire incident management lifecycle to customers across EMEA to solve their biggest digital challenges. “We are thrilled to appoint Arnaud as vice president of EMEA, since he brings a wealth of enterprise sales relationships and years of experience growing this region,” said Todd McNabb, chief revenue officer at PagerDuty. “Arnaud brings a specific combination of deep technical expertise and leadership that will be critical for PagerDuty’s customers, partners and employees. He is a great fit for PagerDuty and we look forward to his impact.” Lagarde brings to the role over 20 years of experience spanning companies like Automation Anywhere, CA Technologies and BMC. Over the past two decades, he has worked closely with founders, investors and executive teams

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye