Ransomware Entry Points
The majority of ransomware claims in 2024 began with threat actors compromising perimeter security appliances, 58%, or remote desktop software, 18%, according to a report from cyber insurer Coalition Inc.
Initial Access Vectors
The most common “initial access vectors” across all ransomware claims were stolen credentials, 47%, and software exploits, 29%, according to Coalition’s Cyber Threat Index.
Proactive Alerts and Exposed Logins
Most proactive alerts sent by Coalition in 2024 concerned configuration issues, such as exposed login panels, exposed services, and risky technologies. Exposed logins are an “underappreciated” driver of ransomware risk. Coalition detected over 5 million internet-exposed remote management solutions and tens of thousands of exposed login panels across the internet.
Vulnerability of Small and Medium-Sized Businesses
Small and medium-sized businesses remain especially vulnerable to specific cyberattack types, such as ransomware. Cybersecurity concerns are a top threat for 60% of small and medium-sized business owners, yet just 23% say they are very prepared to handle an attack, according to the U.S. Chamber of Commerce Small Business Index.
Future Forecast
Looking forward, Coalition forecasts that more than 45,000 software vulnerabilities will be published in 2025, a rate of nearly 4,000 per month and a 15% jump over the first 10 months of 2024.
