Ransomware, Network Security

Barracuda report: Firewalls exploited in 90% of ransomware incidents

(Adobe Stock)

Per Tech Radar, a new report from Barracuda reveals that firewalls are a primary target for cybercriminals. The Barracuda Managed XDR Global Threat Report indicates that a staggering 90% of all ransomware incidents in 2025 originated from compromised firewall instances.

The report, which analyzed over two trillion IT events and 600,000 security alerts from 2025, found that attackers exploited firewalls through either known vulnerabilities or compromised accounts. One in 10 detected vulnerabilities had an existing exploit, suggesting attackers often targeted easily accessible weaknesses. A particularly concerning finding is that the most prevalent vulnerability identified is 13 years old (CVE-2013-2566), often found in legacy systems.

This aligns with other research, such as Sophos' findings that network edge devices like firewalls account for nearly 30% of initial compromises. The report also noted that the number of active ransomware groups reached unprecedented levels in 2025, with victim growth doubling since 204. Incidents involving SonicWall firewall appliances and the Akira ransomware group were also highlighted, impacting dozens of organizations.

Source: Tech Radar

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds