Ten percent of IT assets lack endpoint security entirely. At the same time, 65 percent of non-BEC incident response cases are attributable to the misuse of remote access services, even though patches were already available for all ten of the most exploited CVEs.
This is according to research by Arctic Wolf. More than 800,000 IT assets were analyzed, yielding striking findings about the state of security within organizations. Of those assets, 18 percent fall outside of patch and configuration management, meaning that known vulnerabilities on those systems cannot be reliably patched. At the same time, 19 percent are running on end-of-life hardware or software for which vendors no longer release security updates.
More than 17 percent of assets remain outside the scope of traditional vulnerability management solutions, meaning those systems are never scanned for actively exploited CVEs.
One in ten IT assets lacks endpoint security. This gives attackers a real chance to gain unnoticed access to corporate networks during every attack window. Additionally, the problem of misconfigurations and abused trust relationships is growing significantly. This rose from less than 1 percent to 8 percent of non-BEC incident response cases. As a result, attackers are increasingly targeting the blind spots in the IT environment.
Remote access as the primary attack vector
65 percent of incident response cases unrelated to Business Email Compromise (BEC) stemmed from the misuse of remote access services. What stands out here is that a patch was already available for each of the ten most exploited CVEs. Furthermore, the vulnerabilities date back to 2024 or earlier.
Tip: Arctic Wolf introduces Decipio for rapid detection of login theft