SonicWall released a new threat brief, revealing that misconfigurations have fueled more than 9.5 million cyberattacks in the first half of the year. The report highlights how basic errors such as directory access misconfigurations, accidental data exposure and authentication failures continue to drive breaches despite the widespread availability of security tools.
According to the report, nearly 70% of organizations faced at least one authentication bypass attempt between January and June. Many incidents were linked to long-standing vulnerabilities like Fortra GoAnywhere MFT, which attackers continue to exploit years after its initial discovery. Consulting services firms were disproportionately impacted, accounting for 46% of all misconfiguration-related detections.
“While the cybersecurity industry often focuses on zero-day exploits and advanced persistent threats, attackers are still finding success through simple missteps,” said Doug McKee, Executive Director of Threat Research at SonicWall. “The fact that misconfigurations remain one of the leading causes of breaches shows that organizations need better visibility, consistent processes and operational support to avoid repeating the same mistakes.”
The threat brief notes that approximately 88% of misconfigurations fall into three categories:
- Directory access misconfigurations (45%)
- Accidental data exposure (24%)
- Authentication failures (19%)
Gartner projects that 99% of cloud security failures will be customer-side misconfigurations by year-end, further underscoring the urgency for organizations to address configuration drift and operational discipline.
SonicWall solutions, such as its Managed Protection Security Suite (MPSS) and SonicSentry MXDR, provide 24/7 monitoring, configuration management, and rapid response for organizations that lack internal bandwidth. Combined with tools like Network Security Manager (NSM), SonicWall AI Monitoring and Insights (SAMI), and Cloud Secure Edge (CSE), customers gain unified control and Zero Trust capabilities across endpoints, networks and identity systems.
“Misconfigurations are not obscure technical flaws; they are operational challenges that persist because they are difficult to manage at scale,” continued McKee. “SonicWall is committed to helping organizations overcome these challenges with a combination of technology, people and processes that reduce complexity and strengthen protection.”
The full September 2025 Threat Brief is available here: https://www.sonicwall.com/resources/brief/sonicwall-threat-brief-2025-the-misconfiguration-epidemic
