Introduction to the Cyber Threat Index
Coalition, an Active Insurance provider focused on managing digital risks, has released its Cyber Threat Index for 2025.
Key Findings from 2024
The report provides an in-depth analysis of cybersecurity trends from 2024 and highlights emerging threats for 2025. A major takeaway is that the majority of ransomware claims were traced back to vulnerabilities in perimeter security devices like virtual private networks (VPNs) and firewalls, which accounted for 58% of ransomware incidents. The second most common attack vector was remote desktop services, responsible for 18% of claims.
Alok Ojha, Coalition’s Head of Products, Security, commented, “While ransomware is a serious concern for all businesses, these insights demonstrate that threat actors’ ransomware playbook hasn’t evolved all that much—they’re still going after the same tried and true technologies with many of the same methods.”
Emerging Threats for 2025
Looking ahead to 2025, the report warns that the number of discovered software vulnerabilities is expected to exceed 45,000, marking a nearly 15% increase from 2024, equating to nearly 4,000 new vulnerabilities each month. The most frequent initial access methods (IAVs) for ransomware claims were stolen credentials, which accounted for 47% of incidents, followed by software exploits at 29%.
Products and Vendors at Risk
Commonly targeted products include those from vendors like Fortinet, Cisco, SonicWall, Palo Alto Networks, and Microsoft.
Exposed Login Credentials
The report stresses the growing danger of exposed login credentials. Coalition uncovered over 5 million remote management solutions and thousands of vulnerable login panels exposed to the internet. More than 65% of companies applying for cyber insurance had at least one exposed login panel.
Coalition’s Approach
To address these risks, Coalition uses a combination of artificial intelligence, honeypots, and human expertise to prioritize vulnerabilities based on their likelihood of exploitation. This proactive approach resulted in only 0.15% of vulnerabilities triggering critical alerts, with 90% not triggering any alerts. Thanks to this, Coalition policyholders were able to address over 32,000 vulnerabilities in 2024.
Expert Commentary
Daniel Woods, Senior Security Researcher at Coalition, stated, “This year’s report focuses on the most crucial security risks that under-resourced organizations should understand to better calibrate their defensive investments to bolster resilience.”
