Top Highlights
- Email security tools saw a 53% increase in customer claim frequency year-over-year, with most tools, except Sophos, experiencing higher fraud claims, attributed to NLP advantages.
- VPNs remain a significant attack vector, with 80% of ransomware incidents in 2024 involving remote access tools and 83% involving VPNs.
- Self-managed, on-premises VPNs pose the greatest risk, making users four times more susceptible to ransomware than those using cloud-based or no VPNs.
- Cisco and Citrix VPNs are the most vulnerable, with companies using them being nearly seven times more likely to suffer ransomware attacks.
The Issue
According to recent research reported by At-Bay, there has been a significant rise in email security claims, with a 53% increase among customers using various email security tools over the past year. This surge indicates that cybercriminals are becoming more aggressive and effective in executing email-based attacks, though some platforms like Sophos have been more resilient due to their early adoption of advanced natural language processing (NLP) technology that helps detect fraudulent activity. The report highlights that nearly all email security solutions are struggling against this increasing threat, emphasizing the persistent vulnerability companies face in protecting their digital communication.
In addition, the report underscores the heightened risks associated with Virtual Private Networks (VPNs) and remote access in 2024. It reveals that a staggering 80% of ransomware attacks originated from remote access tools, predominantly involving VPNs, with self-managed, on-premises VPNs being among the riskiest—users of such VPNs are four times more likely to fall victim to attacks than those using cloud-based VPNs or no VPNs at all. Specifically, VPN services from Cisco and Citrix are identified as being nearly seven times more susceptible to ransomware threats, illustrating how certain technologies and management practices significantly impact cybersecurity vulnerabilities. This information, gathered by At-Bay, a cybersecurity insurance provider, sheds light on the evolving landscape of cyber threats and underscores the necessity for organizations to reassess their digital defenses.
Security Implications
The alarming reality is that over 90% of cyber claims originate from vulnerabilities in email security and remote access points, a threat that any business, regardless of size or industry, cannot afford to ignore; if exploited, these weak links can lead to catastrophic financial losses, reputational damage, and operational disruptions, as cybercriminals exploit unsecured email channels and remote connections to infiltrate networks, steal sensitive data, or execute ransomware attacks, ultimately undermining your company’s stability and trustworthiness in the marketplace.
Possible Next Steps
In today’s rapidly evolving digital landscape, promptly addressing vulnerabilities—especially those stemming from old threats like email and remote access—can significantly reduce the risk of severe cyber incidents and associated costs. Delays in remediation can lead to amplified damage, data breaches, and increased financial liabilities, making swift action essential to maintain security resilience.
Vulnerability Management
Regularly scan networks and systems to identify outdated or unpatched email and remote access gateways; prioritize vulnerabilities based on risk and potential impact.
Patch and Update
Apply timely patches and updates to email servers, remote desktop software, and related security tools to close known vulnerabilities.
Access Control
Implement strict access controls, including Multi-Factor Authentication (MFA), least privilege principles, and role-based permissions to limit unauthorized remote access.
User Training
Conduct ongoing security awareness training for employees to recognize phishing attempts and secure remote collaboration practices.
Network Segmentation
Segment networks to isolate critical systems from email and remote access points, reducing the attack surface.
Monitoring & Detection
Deploy continuous monitoring tools to detect suspicious activities related to email or remote sessions, enabling rapid response.
Incident Response Planning
Develop and routinely test incident response plans focused on email and remote access breaches to ensure preparedness and swift remediation.
Advance Your Cyber Knowledge
Stay informed on the latest Threat Intelligence and Cyberattacks.
Understand foundational security frameworks via NIST CSF on Wikipedia.
Disclaimer: The information provided may not always be accurate or up to date. Please do your own research, as the cybersecurity landscape evolves rapidly. Intended for secondary references purposes only.
Cyberattacks-V1cyberattack-v1-multisource
