Cisco and Citrix VPNs are linked to a significantly higher risk of ransomware attacks, according to a report from At-Bay. Organizations using these VPNs were nearly seven times more likely to experience an infection over a 15-month period, based on an analysis of over 100,000 policy years of cyber claims data. At-Bay's findings suggest that the complexity of these systems contributes to their vulnerabilities. While they aren't inherently insecure, maintaining them properly is challenging, often leading to outdated configurations and missed security patches. SonicWall VPN users also face risks, coming in second with a 5.8 times higher likelihood of ransomware infection. The report highlights that 80% of ransomware attacks against At-Bay's insured clients began with remote access tools, with many involving VPN devices. Attackers exploit the complexity of these appliances, which have evolved to combine multiple functions, creating larger attack surfaces. For organizations relying on these traditional systems, At-Bay recommends transitioning to cloud-based solutions like Secure Access Service Edge (SASE) to reduce exposure to attacks. SonicWall has faced scrutiny due to a rise in Akira ransomware attacks, with incidents tied to vulnerabilities in their devices. Factors like weak credentials and poor multi-factor authentication contribute to the problem. While SonicWall did not respond to inquiries, At-Bay's analysis indicates a significant increase in ransomware demands, highlighting ongoing security challenges for users. The report emphasizes the need for continuous maintenance and proactive security measures regardless of the vendor.