Business Wire

Armis Identifies the Riskiest Assets Introducing Threats to Global Businesses

Share

Armis, the leading asset visibility and security company, today released new research identifying the riskiest connected assets posing threats to global businesses. Findings highlight risk being introduced to organizations through a variety of connected assets across device classes, emphasizing a need for a comprehensive security strategy to protect an organization’s entire attack surface in real-time.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230905844605/en/

To view this piece of content from mms.businesswire.com, please give your consent at the top of this page.

Source: Data from the Armis Asset Intelligence Engine collected between August 2022 and July 2023.

“Continuing to educate global businesses about the evolving and increased risk being introduced to their attack surface through managed and unmanaged assets is a key mission of ours,” said Nadir Izrael, CTO and Co-Founder of Armis. “This intelligence is crucial to helping organizations defend against malicious cyberattacks. Without it, business, security and IT leaders are in the dark, vulnerable to blind spots that bad actors will seek to exploit.”

Armis’ research, analyzed from the Armis Asset Intelligence Engine, focuses on connected assets with the most attack attempts, weaponized Common Vulnerabilities and Exposures (CVEs) and high-risk ratings to determine the riskiest assets.

Assets With The Highest Number of Attack Attempts

Armis found the top 10 asset types with the highest number of attack attempts were distributed across asset types: IT, OT, IoT, IoMT, Internet of Personal Things (IoPT) and Building Management Systems (BMS). This demonstrates that attackers care more about their potential access to assets rather than the type, reinforcing the need for security teams to account for all physical and virtual assets as part of their security strategy.

Top 10 device types with the highest number of attack attempts:

  • Engineering workstations (OT)
  • Imaging workstations (IoMT)
  • Media players (IoT)
  • Personal computers (IT)
  • Virtual machines (IT)
  • Uninterruptible power supply (UPS) devices (BMS)
  • Servers (IT)
  • Media writers (IoMT)
  • Tablets (IoPT)
  • Mobile phones (IoPT)

“Malicious actors are intentionally targeting these assets because they are externally accessible, have an expansive and intricate attack surface and known weaponized CVEs,” said Tom Gol, CTO of Research at Armis. “The potential impact of breaching these assets on businesses and their customers is also a critical factor when it comes to why these have the highest number of attack attempts. Engineering workstations can be connected to all controllers in a factory, imaging workstations will collect private patient data from hospitals and UPSs can serve as an access point to critical infrastructure entities, making all of these attractive targets for malicious actors with varying agendas, like deploying ransomware or causing destruction to society in the case of nation-state attacks. IT leaders need to prioritize asset intelligence cybersecurity and apply patches to mitigate this risk.”

Assets With Unpatched, Weaponized CVEs Vulnerable to Exploitation

Researchers identified a significant number of network-connected assets susceptible to unpatched, weaponized CVEs published before 1/1/2022. Zooming in on the highest percentage of devices of each type that had these CVEs between August 2022 and July 2023, Armis identified the list reflected in Figure A. Unpatched, these assets introduce significant risk to businesses.

Assets with a High-Risk Rating

Armis also examined asset types with the most common high-risk factors:

  • Many physical devices on the list that take a long time to replace, such as servers and Programmable Logic Controllers (PLCs), run end-of-life (EOL) or end-of-support (EOS) operating systems. EOL assets are nearing the end of functional life but are still in use, while EOS assets are no longer actively supported or patched for vulnerabilities and security issues by the manufacturer.
  • Some assets, including personal computers, demonstrated SMBv1 usage. SMBv1 is a legacy, unencrypted and complicated protocol with vulnerabilities that have been targeted in the infamous Wannacry and NotPetya attacks. Security experts have advised organizations to stop using it completely. Armis found that 74% of organizations today still have at least one asset in their network vulnerable to EternalBlue – an SMBv1 vulnerability.
  • Many assets identified in the list exhibited high vulnerability scores, have had threats detected, have been flagged for unencrypted traffic or still have the CDPwn vulnerabilities impacting network infrastructure and VoIPs.
  • Half (50%) of pneumatic tube systems were found to have an unsafe software update mechanism.

Additional research from Armis is available on the riskiest OT and ICS devices across critical infrastructure industries as well as the riskiest medical and IoT devices in clinical environments.

Learn more about Armis at www.armis.com.

About Armis

Armis, the leading asset visibility and security company, provides the industry’s first unified asset intelligence platform designed to address the new extended attack surface that connected assets create. Fortune 100 companies trust our real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. Armis provides passive cyber asset management, risk management, and automated enforcement. Armis is a privately held company and headquartered in California.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

Contact information

Rebecca Cradick
Senior Director, Global Communications
Armis
pr@armis.com

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Kioxia Receives IEEE Corporate Innovation Award9.5.2025 10:00:00 EEST | Press release

Kioxia Corporation, a world leader in memory solutions, today announced that it has received the IEEE Corporate Innovation Award from the Institute of Electrical & Electronics Engineers (IEEE), the world’s largest technical professional organization dedicated to advancing technology for the benefit of humanity. This award recognizes Kioxia's outstanding contribution in the field of electrical and electronics engineering through its BiCS FLASH™ technology, a low-cost, high-capacity 3D flash memory innovation. The award ceremony was held on April 24 in Tokyo. The IEEE Corporate Innovation Award is a globally-recognized honor bestowed upon organizations that have developed innovative technologies, products or services that have made a substantial contribution to the advancement of electrical and electronics engineering. Since its inception in 1985, the award has been presented to leading electronics manufacturers and IT companies worldwide, and Kioxia is proud to be the seventh Japanese c

Suzano Reports Record First-Quarter Revenue9.5.2025 03:12:00 EEST | Press release

Suzano, the world’s largest pulp producer, announces its first quarter results for 2025 (1Q25) with record net revenue of R$11.6 billion, up 22% on the same quarter last year (1Q24). The result was driven by the exchange rates, increased pulp sales volumes from the new Ribas do Rio Pardo mill, higher paper volume and prices and the positive contribution from our paperboard mills recently acquired in the U.S. The record revenues occurred despite a series of planned downtimes in the quarter, including production lines of the Três Lagoas Unit, Mucuri Unit, and Aracruz Unit, and the Ribas do Rio Pardo Unit’s first scheduled maintenance downtime. Sales exceeded 3 million tonnes in the quarter, a rise of 12% compared to 1Q24, comprising 2.7 million tonnes of pulp and 390 thousand tonnes of paper, up 10% and 25%, respectively, on the same quarter last year. Adjusted EBITDA totaled R$4.9 billion, a 7% increase over 1Q24. Operating cash generation totaled R$2.6 billion, rising 5% on 1Q24. Net p

GC Aesthetics® Strengthens Board of Directors with Strategic Appointments8.5.2025 18:10:00 EEST | Press release

GC Aesthetics® (GCA), a privately-held medical technology company providing aesthetic and reconstruction solutions for global healthcare markets is pleased to announce the appointment of Mr. Luigi Ferrari as Chairman of the Board (non-executive) and Mr. Patrick Lee as Board Director, reinforcing the company’s strategic direction and long-term growth plans. These appointments follow the renewed phase of partnership initiated in early 2024 with Hayfin Capital Management, a longstanding investor in GCA. This collaboration has brought fresh momentum to the company’s commitment to innovation, safety, and global expansion in aesthetic and reconstructive breast surgery. Luigi Ferrari, a seasoned executive and investor with a proven track record in the healthcare sector, brings deep leadership experience, commercial growth expertise and industry insight. From 2012 to 2022 he was CEO of Lima Corporate, a global medical device company in the joint replacement market, acquired then by Enovis Corp

PPG to invest $380 million to build new U.S. manufacturing facility in Shelby, N.C. for aerospace coatings and sealants8.5.2025 17:30:00 EEST | Press release

PPG (NYSE: PPG) today announced that it will invest $380 million to build a new aerospace coatings and sealants manufacturing facility in Shelby, N.C. Construction on the 62-acre site, which will initially include manufacturing and warehousing units, is set to commence in October 2025 and is expected to be completed in the first half of 2027. The 198,000-square-foot facility will enable the company to continue meeting the growing demands of the aerospace industry. It will employ more than 110 people and produce the full line of PPG’s aerospace coatings and sealants. The additional capacity of this new plant, combined with nearby transport links that improve supply chain and shipping logistics, will help improve service levels for customers. “PPG’s investment in this new manufacturing facility demonstrates the significant demand growth for our world-class technologies and our continued commitment to serving our aerospace customers,” said Tim Knavish, PPG chairman and chief executive off

WHOOP Unveils WHOOP® 5.0 and WHOOP® MG: Powerful New Devices with Breakthrough Health and Longevity Features8.5.2025 17:00:00 EEST | Press release

WHOOP, the human performance company, today introduces WHOOP 5.0 and WHOOP MG — two next-generation wearables designed to unlock a new approach to personal health and longevity. Paired with a redesigned WHOOP experience, the devices offer 14-day battery life in a sleeker, seven percent smaller form - and introduce category-defining features, including Healthspan with WHOOP Age, Heart Screener with on-demand ECG, Blood Pressure Insights, and more. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250508546933/en/ WHOOP Unveils Next Generation WHOOP® 5.0 and WHOOP® MG These innovations arrive at a pivotal moment when ailing health systems cost more and deliver less. WHOOP is advancing a new solution and a better way - one that empowers people to connect their daily decisions to performance and health outcomes that can be measured and felt. While others track surface-level trends, WHOOP delivers longevity through depth — translati

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye