New data released by Barracuda Networks shows that 90 percent of ransomware incidents in 2025 exploited firewalls through unpatched software or a vulnerable account.
Drawn from thousands of real-world security incidents in Barracuda’s Managed XDR dataset, the findings show how attackers exploit legitimate IT tools such as remote access software and leverage unprotected devices. They also reveal the risks of outdated encryption, disabled endpoint security and more, and highlight the warning signs of unusual login or privileged access behaviors.
The fastest ransomware case observed involved Akira ransomware and took just three hours from breach to encryption. Such compressed timelines can leave defenders with minimal opportunity to detect and respond.
One in 10 detected vulnerabilities had a known exploit. Attackers are actively weaponizing software bugs, often in the supply chain — and the importance of identifying and addressing unpatched software cannot be overstated. The most widely detected vulnerability dates to 2013.
The data also shows that 96 percent of incidents involving lateral movement ended with the release of ransomware. 66 percent of incidents involve the supply chain or a third party (up from 45 percent in 2024).
“Organizations and their security teams — especially if that ‘team’ is a single IT professional — face an immense challenge. With limited resources and fragmented security tools, they must safeguard identities, assets and data from an evolving threat landscape and attacks that can unfold in a matter of hours,” says Merium Khalid, director, SOC offensive security at Barracuda. “What makes targets vulnerable is often easy to overlook — a single rogue device, an account that wasn’t disabled when someone left, a dormant application that hasn’t been updated, or a misconfigured security feature. Attackers only need to find one to succeed. An integrated, AI-powered and autonomous security solution with the management and support taken care of by experts can make all the difference.”
You can find out more on the Barracuda site.
Image credit: Andreus/depositphotos.com
