Per Tech Radar, a new report from Barracuda reveals that firewalls are a primary target for cybercriminals. The Barracuda Managed XDR Global Threat Report indicates that a staggering 90% of all ransomware incidents in 2025 originated from compromised firewall instances.The report, which analyzed over two trillion IT events and 600,000 security alerts from 2025, found that attackers exploited firewalls through either known vulnerabilities or compromised accounts. One in 10 detected vulnerabilities had an existing exploit, suggesting attackers often targeted easily accessible weaknesses. A particularly concerning finding is that the most prevalent vulnerability identified is 13 years old (CVE-2013-2566), often found in legacy systems.This aligns with other research, such as Sophos' findings that network edge devices like firewalls account for nearly 30% of initial compromises. The report also noted that the number of active ransomware groups reached unprecedented levels in 2025, with victim growth doubling since 204. Incidents involving SonicWall firewall appliances and the Akira ransomware group were also highlighted, impacting dozens of organizations.Source: Tech Radar
Ransomware, Network Security
Barracuda report: Firewalls exploited in 90% of ransomware incidents

(Adobe Stock)
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



