90% of ransomware incidents exploited firewalls via unpatched software or a vulnerable account that enables cybercriminals to gain access.

Security Boulevard is a leading cybersecurity news and information portal, offering articles, analysis, and insights on cybersecurity threats, vulnerabilities, and best practices. From the latest trends in cyber threats to expert commentary on security technologies and compliance frameworks, Security Boulevard provides resources for security professionals, IT leaders, and business executives seeking to protect their organizations from cyber attacks and data breaches.

Security Boulevard

A Barracuda Networks analysis of over 2 trillion IT events from 2025 reveals that 90% of ransomware incidents exploited firewalls through unpatched software or vulnerable accounts. The most widely detected vulnerability dates back to 2013. Attackers are developing exploits faster, with 96% of lateral movement incidents ending in ransomware deployment. The fastest observed attack (Akira ransomware) encrypted data within three hours of initial breach. Two-thirds of incidents involved supply chain or third-party suppliers. Security teams are urged to prioritize firewall patching and basic security hygiene, with managed security services and AI-driven automation suggested as potential solutions.

Analysis: Root Cause of Most Security Incidents Traced to Unpatched Firewalls