Remote Access Tools Most Frequently Targeted As Ransomware Entry Points
CIODIVE, Monday, April 14th, 2025
Supply chain risk via third-party vendors increased sharply in 2025, according to a report by At-Bay.
Remote access tools were the initial entry point in eight of every 10 ransomware attacks in 2024, according to a report released Thursday by At-Bay. VPNs accounted for about two-thirds of ransomware attack entry points.
Indirect ransomware claims continue to rise, showing a 43% increase in 2024, according to At-Bay. Indirect ransomware is when an attack begins on a third-party vendor or business partner, often leading to a data breach or business interruption of a downstream client or partner. The report cites the 2023 MOVE-it breaches and the 2024 CDK attacks.
Overall, the frequency of ransomware claims returned to record levels seen in 2021 after a decreased rate of attacks in 2022 and 2023, according to At-Bay.