Cybersecurity Insiders reports:
Cyberattacks have long evolved in waves, with ransomware groups historically choosing their victims based on industry type or company size. Financial institutions, healthcare providers, and large enterprises were often prime targets due to their ability to pay hefty ransoms.
However, a new trend is emerging that signals a shift in attacker strategy. Instead of focusing solely on who the victim is, cybercriminals are now paying closer attention to the technology infrastructure organizations rely on—particularly the network appliances that keep businesses connected.
A recent 2026 InsurSec Report released by At-Bay, a California-based cyber insurance provider, highlights this growing concern. According to the study, attackers are increasingly targeting organizations that use Virtual Private Networks (VPNs) with known vulnerabilities. VPNs, which are designed to secure remote access, have ironically become one of the weakest entry points when not properly maintained or updated.
[…]
Among the most affected products were those offered by SonicWall. The company’s VPN solutions accounted for over 27% of ransomware-related claims, placing them at the top of the list in terms of targeted platforms. A major contributor to these attacks was the ransomware group Akira, which was identified as one of the most active threat actors exploiting SonicWall appliances.
Read more at Cybersecurity Insiders.
