Key Findings
Most ransomware claims in 2024 started with threat actors compromising perimeter security appliances (58%), like virtual private networks (VPNs) or firewalls.
Across all ransomware claims in 2024, the most common initial access vectors (IAVs) were stolen credentials (47%) and software exploits (29%).
Coalition detected over 5 million internet-exposed remote management solutions in 2024.
Coalition also detected tens of thousands of exposed login panels across the internet in 2024.
When applying for cyber insurance, most businesses (65%+) had at least one internet-exposed web login panel.
Remote desktop products were the second-most exploited vector for ransomware attacks in 2024, at 18%.
The total number of published software vulnerabilities will increase to over 45,000 in 2025.
The projected software vulnerability rate for 2025 is nearly 4,000 per month.
Insurance policyholders received critical alerts for just 0.15% of vulnerabilities published in the first ten months of 2024.
90% of vulnerabilities published in the first ten months of 2024 never triggered an alert for Coalition policyholders.
The predicted increase in software vulnerabilities for 2025 represents a 15% jump over the first 10 months of 2024.