Cyber threats surge in 2025 as Coalition highlights rising risks and new trends

Coalition, an Active Insurance provider focused on managing digital risks, has published its Cyber Threat Index for 2025.

The report provides an in-depth analysis of cybersecurity trends from 2024 and highlights emerging threats that businesses should be aware of in 2025.

A major takeaway from the report is that the majority of ransomware claims in 2024 were traced back to vulnerabilities in perimeter security devices, such as virtual private networks (VPNs) and firewalls, which accounted for 58% of ransomware incidents.

The second most common attack vector was remote desktop services, responsible for 18% of claims.

“While ransomware is a serious concern for all businesses, these insights demonstrate that threat actors’ ransomware playbook hasn’t evolved all that much—they’re still going after the same tried and true technologies with many of the same methods,” commented Alok Ojha, Coalition’s Head of Products, Security.

“This means that businesses can have a reliable playbook, too, and should focus on mitigating the riskiest security issues first to reduce the likelihood of ransomware or another cyber attack. Continuous attack surface monitoring to detect these technologies and mitigate possible vulnerabilities could mean the difference between a threat and an incident.”

Looking ahead to 2025, the report warns that the number of discovered software vulnerabilities is expected to exceed 45,000, marking a nearly 15% increase from the first ten months of 2024, equating to nearly 4,000 new vulnerabilities each month.

When it comes to ransomware claims, the most frequent initial access methods (IAVs) were stolen credentials, which accounted for 47% of incidents, followed by software exploits at 29%. Commonly targeted products include those from vendors like Fortinet, Cisco, SonicWall, Palo Alto Networks, and Microsoft.

The report also stresses the growing danger of exposed login credentials. Coalition uncovered over 5 million remote management solutions and thousands of vulnerable login panels that were openly exposed to the internet. Additionally, more than 65% of companies applying for cyber insurance had at least one exposed login panel.

To address these risks, Coalition uses a combination of artificial intelligence, honeypots, and human expertise to prioritise vulnerabilities based on their likelihood of exploitation. This approach helps reduce alert fatigue among policyholders, allowing them to focus on the most critical threats.

In fact, only 0.15% of vulnerabilities published in the first ten months of 2024 resulted in critical alerts, with 90% of vulnerabilities not triggering any alerts. Thanks to this proactive approach, Coalition policyholders were able to address over 32,000 vulnerabilities in 2024.

“This year’s report focuses on the most crucial security risks that under-resourced organisations should understand to better calibrate their defensive investments to bolster resilience,” said Daniel Woods, Senior Security Researcher at Coalition.

“Calibration involves balancing security investment across vulnerabilities, misconfigurations, and threat intelligence while also responding to emerging threats, such as zero-day vulnerabilities exploited in the wild. That’s why Coalition issues Zero-Day Alerts to help businesses, especially SMBs with limited security resources, stay ahead of these vulnerabilities and reduce alert fatigue by prioritising those posing the greatest risk.”

This website states: The content on this site is sourced from the internet. If there is any infringement, please contact us and we will handle it promptly.