Attacks Against Networks and VPN Infrastructure Surged in The Last 12 Months – Preparing for The Road Ahead

In 2024, we saw a major rise in attacks targeting networks and VPN infrastructure, exploiting vulnerabilities, and employing sophisticated techniques to compromise sensitive data and disrupt operations.

Over the next 12 months, look for increased sophistication in these attacks, with threat actors continually refining techniques, and employing strategies and advanced tools to exploit vulnerabilities and bypass security measures. AI and machine learning techniques will automate attacks and make them more effective.

Unfortunately, VPNs will continue to be a prime target, since they offer access to sensitive data and systems. We’ll likely see more attacks aimed at exploiting VPN vulnerabilities and compromising user credentials. Once inside a network, hackers will of course work for lateral movement, seeking to gain access to additional systems and data. This could involve techniques such as privilege escalation and credential theft.

This means that Zero Trust Network Access and technologies such as stealth networking become essential to combat these and other emerging threats.

The ultimate goal of many attacks will be to exfiltrate sensitive data such as customer information, financial records, patient health records, and intellectual property via malware, phishing, and social engineering.

Attackers may also seek to disrupt business operations, triggering downtime and financial losses. This could involve launching denial-of-service attacks or deploying ransomware to cripple critical systems.

Events and insights from the last 12 months demonstrate some of what we can expect ahead, such as:

• The Check Point Quantum Gateway vulnerability (CVE-2024-24919) highlights the importance of patching vulnerabilities but also upgrading to VPN technologies that eliminate the attack surfaces exposed promptly.
• The rise of AI and machine learning in cyberattacks poses a significant challenge for security professionals, and is expected to continue in 2025, but be increasingly multi-dimensional powered by AI.
• Organizations need to adopt a multi-layered approach to security, combining technology with strong policies and employee education, and focus on preemptive cyber defense technologies instead of being so reliant on detection and response.

Prioritizing cybersecurity and investing in robust defenses is the only way to protect organizational data and systems. Here are 10 best practices to help minimize risk and create a powerful cybersecurity framework:

1. Prioritize VPN security: 56% of organizations experience VPN-related cyberattacks and 91% share concerns about VPN security. Implementing robust next-generation VPN security measures is imperative. Specifically, consider stealth networking – the adage “you can’t hack what you can’t see” has never been more relevant than it is today.

It’s a given that traditional perimeters and boundaries and the legacy technologies that guarded them are no longer able to deliver either the security or the efficiency needed.

This is driving the emergence of stealth networking as the means to remove the common attack surface that exists in traditional network IPSEC and SSL VPNs. It eliminates the attackable surfaces that are often exposed in traditional IPSEC and SSL-based VPNs which come with multi-function firewalls, SD-WAN and standalone VPN gateway solutions.

2. Adopt zero-trust strategies: 78% of organizations plan to implement zero-trust strategies, and this is an ideal opportunity for practitioners to adopt a more secure approach by verifying the identity of all users and devices before granting access to sensitive resources.
3. Monitor for ransomware attacks: Ransomware remains one of the top threats exploiting VPN vulnerabilities (42%). Staying vigilant in monitoring networks for signs of ransomware activity, such as unusual network traffic or suspicious user behavior, is essential.
4. Schedule and conduct audits and penetration testing: The threat landscape is growing, as the 30% increase in malware attacks between 2023 and 2024 indicates. Security audits and penetration testing can help identify vulnerabilities before they are exploited by attackers.
5. Review and update incident response plans: With over 7 billion records exposed in data breaches, a robust incident response plan is essential for minimizing breach “blast zones” and impacts.
6. Implement security measures to prevent DDoS attacks: DDoS attacks are another top threat exploiting VPN vulnerabilities (30%), and implementing security measures such as rate limiting and IP blocking can mitigate these types of attacks.
7. Monitor data breaches closely: The average cost of a data breach in 2024 was $4.88 million, highlighting the importance of monitoring for signs of data breaches and taking swift action when they occur.
8. Keep up to date with security patches and updates: With an increase in malware attacks between 2023 and 2024 (30%), it is essential to stay current with the latest security patches and updates for all systems, including the latest generation of preemptive defense VPNs that Dispersive provides, to reduce the attack surface and prevent exploitation of known vulnerabilities.
9. Educate users about phishing threats: Phishing continues to be the primary cause of data breaches (80-95%). It’s essential that your users know how to recognize and avoid phishing attacks, including those that are launched through VPNs – a common gap in organizational security.
10. Develop a comprehensive cybersecurity strategy: By recognizing these statistics and implementing robust security measures, organizations can reduce their risk exposure and protect against diverse types of cyber threats.

About the Author

Lawrence Pingree is VP of Technical Marketing, Dispersive. As a renowned expert and former Vice President at Gartner’s Technology and Service Provider research practice, Lawrence Pingree has been instrumental in shaping the future of security innovation. With over 300 published research notes on cybersecurity, he has helped thousands of businesses and society as a whole evolve by accelerating IT security innovation and enabling its positive impact. As a thought leader in emerging security technologies and trends, Mr. Pingree’s insights have guided organizations through the complexities of modern cybersecurity, introducing key concepts such as Security As a Service/Software as a service (SaaS), Software Defined WAN (SDWAN), Content Disarm and Reconstruction (CDR), Endpoint Detection and Response (EDR), Network Traffic Analysis (NTA), Cloud Workload Protection (CWP), Cloud Incident Response Automation (CIRA), Generative Runtime Defense (GARD), and Secure Internet Gateways (SIG). As Dispersive Vice President of Technical Marketing, with his expertise spanning cloud security, endpoint security, generative security, and disinformation security, Mr. Pingree enables businesses to stay ahead of threats and capitalize on new market opportunities, making him a highly respected voice in the industry dedicated to accelerating information technology security innovation and its positive impact on business and society. Lawrence can be reached