- Report finds VPN complexity and poor maintenance driving surge in ransomware incidents
- Cloud-based VPN alternatives can lower exposure to ransomware and direct attacks
- Complex on-premise VPN systems often result in outdated configurations
Businesses relying on older on-premise VPN devices could be facing higher ransomware risks, findings from At-Bay’s 2025 InsurSec Report have claimed.
The analysis of cyber insurance claims found organizations using Cisco and Citrix VPN systems were 6.8 times more likely to be hit by ransomware than those without such devices.
The study, based on more than 100,000 policy years of data collected between January 2024 and March 2025, looked at incidents among about 40,000 insured customers in the United States.
SonicWall VPN also at risk
At-Bay said it adjusted its analysis to account for how common each product is in customer environments.
At-Bay’s CISO for Customers, Adam Tyra, told The Register, “We think the takeaway is clear:…
.webp?ssl=1 "Critical Flaw in Citrix Windows VDA Allows SYSTEM Privilege Escalation")