New Barracuda Report Shows How Attackers Target Organizations and The Security Gaps Increasing Risk
India — Barracuda Networks, Inc., a leading cybersecurity company providing complete protection against complex threats for all size business, has released data showing that 90% of ransomware incidents in 2025 exploited firewalls through unpatched software or a vulnerable account. The fastest ransomware case observed took just three hours to progress from breach to encryption. The findings are detailed in the Barracuda Managed XDR Global Threat Report, which shows how attackers target organizations and the security gaps putting systems at risk.
Drawn from thousands of real-world security incidents, the findings show how attackers exploit legitimate IT tools such as remote access software and leverage unprotected devices. They also reveal the risks of outdated encryption, disabled endpoint security and more, and highlight the warning sirens of unusual login or privileged access behaviors.
Key findings
· 90% of ransomware incidents exploited firewalls through a CVE (a classified software vulnerability) or vulnerable account. Attackers can use this to gain access and control over the network and bypass its protection, hiding malicious traffic and activity.
· The fastest ransomware case observed involved Akira ransomware and took just three hours from breach to encryption. Such compressed timelines can leave defenders with minimal opportunity to detect and respond.
· One in 10 detected vulnerabilities had a known exploit. Attackers are actively weaponizing software bugs, often in the supply chain — and the importance of identifying and addressing unpatched software cannot be overstated.
· The most widely detected vulnerability dates to 2013. CVE-2013-2566 is a flaw in an outdated encryption algorithm that can be found in legacy systems such as old servers or embedded devices or applications.
· 96% of incidents involving lateral movement ended with the release of ransomware. Lateral movement marks the moment when attackers hiding on an unprotected endpoint break cover, and it represents the biggest red flag of an unfolding ransomware attack.
· 66% of incidents involved the supply chain or a third party (up from 45% in 2024) as attackers exploit weaknesses in third-party software to breach defenses and extend their reach.
Disclaimer: The above press release has been provided by Barracuda. CXO Digital Pulse holds no responsibility for its content in any manner.
