- Report finds VPN complexity and poor upkeep driving surge in ransomware incidents
- Cloud-based VPN options can decrease publicity to ransomware and direct assaults
- Advanced on-premise VPN programs usually lead to outdated configurations
Companies counting on older on-premise VPN units might be going through greater ransomware dangers, findings from At-Bay’s 2025 InsurSec Report have claimed.
The evaluation of cyber insurance coverage claims discovered organizations utilizing Cisco and Citrix VPN programs had been 6.8 occasions extra prone to be hit by ransomware than these with out such units.
The examine, primarily based on greater than 100,000 coverage years of information collected between January 2024 and March 2025, checked out incidents amongst about 40,000 insured clients in america.
SonicWall VPN additionally in danger
At-Bay stated it adjusted its evaluation to account for a way frequent every product is in buyer environments.
At-Bay’s CISO for Prospects, Adam Tyra, instructed The Register, "We expect the takeaway is obvious: Corporations counting on on-premise VPN units from distributors like Cisco and Citrix ought to strongly take into account transitioning to fashionable cloud-based, distant entry options."
Companies desirous to be secure ought to try our suggestions for finest VPNs and finest VPNs with antivirus.
The report discovered SonicWall VPN customers had been 5.8 occasions extra prone to expertise ransomware, following a 300 p.c surge in Akira assaults through the third quarter, with Palo Alto International Defend at 5.5X and Fortinet at 5.3X.
Companies utilizing an on-premise VPN of any sort had been 3.7X extra prone to fall sufferer to an assault than these utilizing a cloud-based VPN or with none VPN, At-Bay reported.
"We're not suggesting these merchandise are inherently insecure, however they’re advanced and require constant upkeep," Tyra stated. "Whereas many organizations can deploy them securely, far fewer can keep them correctly over time, resulting in missed patches and outdated configurations."
The report added that 80 p.c of ransomware circumstances started when attackers gained entry by way of distant entry instruments, with 83 p.c of these involving VPN units. It attributed this to growing gadget complexity.
Tyra stated, "The underside line is that conventional on-premise VPNs are sometimes too troublesome for many firms to function securely." He added that cloud-based Safe Entry Service Edge merchandise "considerably scale back publicity to direct assaults in comparison with conventional VPNs."
Neither Cisco nor Citrix responded to The Register’s requests for remark.
➡️ Read our full guide to the best antivirus
1. Finest total:
Bitdefender Complete Safety
2. Finest for households:
Norton 360 with LifeLock
3. Finest for cellular:
McAfee Cellular Safety
Follow TechRadar on Google News andadd us as a preferred source to get our professional information, opinions, and opinion in your feeds. Make sure that to click on the Comply with button!
And naturally you may as well follow TechRadar on TikTok for information, opinions, unboxings in video type, and get common updates from us on WhatsApp too.