Hackers are hitting firewalls and VPNs to breach businesses

News
By published

Network edge devices are a key point of entry for attackers

Norton VPN app on a mobile phone.
(Image credit: Norton VPN)
  • Network edge devices make up nearly 30% of intrusion points
  • Ransomware is still the most popular attack type
  • End-of-life devices pose a serious risk to security

It won’t come as much of a surprise to learn that cyberattackers are evolving their tactics, and that the number of attacks is growing each year. New research from Sophos shows that these incidents involving network edge devices like routers, VPNs, and firewalls, are becoming a growing point of intrusion - accounting for nearly 30% of initial compromises observed in Sophos’ Annual Threat Report.

Within ransomware and data exfiltration attacks, VPNs were the most popular initial compromise type - making up 25% of events, even higher than compromised credentials, which sits at just over 15% - concerning given that billions of credentials are stolen from businesses around the world every year.

Unsurprisingly, ransomware topped the table for number of incidents, with over 90% of incident response cases for midsize organizations, and 70% of small business cases involving the attack.

Get Keeper Personal for just $1.67/month, Keeper Family for just $3.54/month, and Keeper Business for just $7/month.

Get Keeper Personal for just $1.67/month, Keeper Family for just $3.54/month, and Keeper Business for just $7/month.

Keeper generates and stores strong passwords so you never have to remember them again. Don’t let one weak password leave you exposed.

Preferred partner (What does this mean?)

View Deal

Digital detritus

A noticeable trend in cybersecurity is the rise in social engineering attacks, primarily to collect credentials in order to move forward into the targeted organization’s network. This is largely due to AI enabling attackers to send out more sophisticated phishing attacks at a higher rate than ever.

“Over the past several years, attackers have aggressively targeted edge devices. Compounding the issue is the increasing number of end-of-life (EOL) devices found in the wild – a problem Sophos calls digital detritus. Because these devices are exposed to the internet and often low on the patching priority list, they are a highly effective method for infiltrating networks,” said Sean Gallagher, principal threat researcher at Sophos.

Out-of-date tech poses a serious risk to cybersecurity teams, and is costing organizations in operational costs and security risks - making lifecycle management an integral part of cyber defense.

“However, targeting edge devices is part of a larger shift we’re witnessing in which attackers don’t have to deploy custom malware. Instead, they can exploit businesses’ own systems, increasing their agility and hiding in the places security leaders aren’t looking,” Gallagher adds.

You might also like

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.