Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Cyber Monday, Black Friday Targeted by Spike in Ransomware Attacks – SonicWall

  • SonicWall researchers have completed a special analysis of cyber threat data and attacks for the busiest online shopping period of the year. SonicWall CMO David Chamberlin explains the newest cyberattack trends to have emerged over the Black Friday and Cyber Monday weekend.

Best in Biz Awards 2018 Winners – Best in Biz

  • SonicWall wins two awards: a Gold for Most Innovative Product of the Year – SMB for our Capture Cloud Platform, and a Silver for Support Department of the Year.

SonicWall Aims to Be an All-Round Player in Security Solutions: COO Atul Dhablania – Tech Circle (India)

  • Atul Dhablania is interviewed by Tech Circle about SonicWall’s presence in the region, the Internet of Things, and the current cybersecurity landscape.

Cyber Security News

A Plan to Turn New York Into a Capital of Cybersecurity – New York Times

  • They’re calling it “Cyber NYC” and it’s an ambitious plan to turn New York City into a global leader of cybersecurity innovation and job creation.

ThreatList: Cryptominers Dominate Malware Growth in 2018 – Threat Post

  • Kaspersky Lab figures say cryptomining botnets have jumped from 2.9 percent of botnets in 2017 to 4.6 percent in 2018. It’s a problem SonicWall has noticed as well.

Buckle Up: A Closer Look at Airline Security Breaches  – Dark Reading

  • An in-depth look at how and why there have been so many airline security breaches recently, and the big question: could a cybercriminal take a plane down from the sky?

Half of All Phishing Sites Now Have the Padlock – Krebs on Security

  • Once upon a time the security padlock was enough to tell you if a website was legitimate. This is no longer the case.

Uber Fined £385,000 for Losing UK Customer Data – BBC

  • Having previously settled in the US, Uber received a fine in Europe for not sufficiently disclosing their 2016 data breach.

Why Cyber Monday Is Just the Beginning of the Festive Hacking Season – ZDNet

  • Cyberattacks reach a peak around the holiday season, but ZDNet argues that understaffing over Christmas leaves many companies open to further attacks.

The Case for Protecting Small Firms From Cyber Lawsuits – Wall Street Journal

  • Small companies often do not have the resources to be able to meet the strictest cybersecurity standards. Two academics argue that they should not be financially penalized in the same way as larger corporations can be.

In Case You Missed It

3 Ways to Prevent Cryptominers from Stealing Your Processing Power

Visiting a website is no longer what it used to be.

Despite this hilarious Imgur post, there is a different trend you may not have noticed: cryptomining via the browser. Many news and procrastination (e.g., BuzzFeed) websites add dozens of trackers to monetize the experience.

However, some sites may also use your browser to mine cryptocurrencies (e.g., bitcoin, Ethereum or Monero) for their own financial gain. The mining stops once you leave, but there is a popular new form of malware that attempts to turn your device into a full-time cryptocurrency mining bot called a cryptojacker. Cryptojacking’s threat to your endpoint or business is based on three things:

  • The energy it consumes or wastes
  • The damage it can do to a system
  • The loss to productivity due to limited resources.

Unlike ransomware that wants to be found (to ask for payment), a cryptojacker’s job is to run invisibly in the background, although your CPU performance graph or device’s fan may indicate something is not normal.

Despite our vigilance and knowledge of the warning signs, a report from the Ponemon Institute stated the average length of time for an organization to discover malware or a data breach in 2017 was 191 days.

Ransomware authors have switched gears over the past two years to use cryptojacking more, because a ransomware strain’s effectiveness and ROI diminish as soon as it ends up on public feeds like VirusTotal. Like anyone else running a highly profitable business, cybercriminals need to constantly find new ways to fulfill their financial targets. Cryptojacking may solve that.

For example, the Apple App Store briefly carried a version of a free app called ‘Calendar 2’ that mined Monero cryptocurrency while open. It reportedly made $2,000 in two days before it was pulled from the App Store.

The Lure of Cryptomining

Cryptomining operations have become increasingly popular, now accounting for almost half a percent of the world’s electricity consumption. Despite the wild swings in price, roughly 60 percent of the cost of legitimately mining bitcoin is the energy consumption. In fact, at the time of writing, the price of a bitcoin is less than the cost of mining it legitimately.

With such costs and zero risk as compared to buying and maintaining equipment, cybercriminals have strong incentives to generate cryptocurrency with someone else’s resources. Infecting 10 machines with a cryptominer could net up to $100/day, so the challenge for cryptojackers is three-fold:

  1. Find targets, namely organizations with a lot of devices on the same network, especially schools or universities.
  2. Infect as many machines as possible.
  3. Unlike ransomware, and more akin to traditional malware, stay hidden for as long as possible.

Cryptojackers use techniques similar to other malware to sneak onto an endpoint: drive-by downloads, phishing campaigns, in-browser vulnerabilities and browser plugins, to name a few. And, of course, they rely on the weakest link — the people — via social engineering techniques.

How to Know if You are Infected by Cryptominers

Cryptominers are interested in your processing power, and cryptojackers have to trade off stealth against profit. How much of your CPU resources they take depends on their objectives.

Siphoning less power makes it harder for unsuspecting users to notice. Stealing more increases their profits. In either case, there will be a performance impact, but if the threshold is low enough it could be a challenge to distinguish the miner from legitimate software.

Enterprise administrators may look for unknown processes in their environment, and end users on Windows should open Sysinternals Process Explorer to see what they are running. Linux and macOS users should use System Monitor and Activity Monitor, respectively, for the same reason.
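
The stealth-versus-profit trade-off described above, as an added example (not SonicWall's code or detection logic): over constructed CPU samples, a peak-only threshold misses a throttled miner and flags a legitimate backup burst, while checking for sustained load against a software inventory surfaces both the throttled and the greedy process. The process names, the allowlist and the thresholds are assumptions made for illustration.

```python
from collections import defaultdict
from statistics import median


def _series(name, values):
    """Turn a list of per-minute CPU readings into (minute, name, cpu) samples."""
    return [(minute, name, cpu) for minute, cpu in enumerate(values)]


# Constructed telemetry: one CPU reading (percent) per minute for 12 minutes.
# Process names and values are invented; they do not come from a real host.
SAMPLES = (
    _series("chrome.exe",           [4, 35, 6, 3, 50, 5, 4, 8, 3, 6, 4, 5])          # normal browsing
    + _series("backup_agent.exe",   [0, 0, 92, 95, 90, 1, 0, 0, 0, 0, 0, 0])         # short legitimate burst
    + _series("firefox.exe",        [55, 60, 58, 61, 57, 59, 60, 62, 58, 57, 60, 59])  # tab mining in-browser
    + _series("svch0st-helper.exe", [28, 31, 30, 29, 32, 30, 31, 29, 30, 28, 31, 30])  # throttled miner
    + _series("updater32.exe",      [88, 91, 90, 93, 89, 92, 90, 91, 94, 90, 89, 92])  # greedy miner
)

# Assumed software inventory for this host (what the administrator expects to run).
KNOWN_GOOD = {"chrome.exe", "backup_agent.exe", "firefox.exe"}


def profile(samples, busy_floor=20):
    """Summarise each process: peak, median, and share of samples at/above busy_floor."""
    by_proc = defaultdict(list)
    for _minute, name, cpu in samples:
        by_proc[name].append(cpu)
    return {
        name: {
            "peak": max(values),
            "median": median(values),
            "busy_fraction": sum(v >= busy_floor for v in values) / len(values),
        }
        for name, values in by_proc.items()
    }


def naive_peak_alert(samples, peak_threshold=80):
    """Weak check: alert on any process whose CPU ever reaches peak_threshold."""
    return {
        name for name, p in profile(samples).items() if p["peak"] >= peak_threshold
    }


def triage(samples, known_good, busy_floor=20, min_busy_fraction=0.8):
    """Flag processes that stay busy for most of the window.

    A miner has to keep working to earn anything, so steadiness is a better
    signal than the peak. Unknown names get the higher-priority verdict; known
    names with sustained load are still listed, because in-browser mining
    runs inside an otherwise legitimate process.
    """
    verdicts = {}
    for name, p in profile(samples, busy_floor).items():
        sustained = p["busy_fraction"] >= min_busy_fraction
        if sustained and name not in known_good:
            verdicts[name] = "investigate: unknown process, sustained load"
        elif sustained:
            verdicts[name] = "review: known process, sustained load"
    return verdicts


if __name__ == "__main__":
    print("peak-only alerts:", sorted(naive_peak_alert(SAMPLES)))
    for name, verdict in sorted(triage(SAMPLES, KNOWN_GOOD).items()):
        stats = profile(SAMPLES)[name]
        print(f"{name:22} median={stats['median']:>5} peak={stats['peak']:>3}  {verdict}")
```

Lowering `busy_floor` catches more heavily throttled miners at the cost of more review items, which is the same trade-off seen from the defender's side.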

How to Defend Against Cryptominers

The first step in defending against cryptominers is to stop this type of malware at the gateway, either through firewalls or email security (perimeter security), which is one of the best ways to scrub out known file-based threats. Since people like to reuse old code, catching cryptojackers like CoinHive can be a simple first step.

If the malware strain is unknown (new or updated), then it will bypass static filters in perimeter security. If a file is unknown, it will be routed to a sandbox to inspect the nature of the file.

In the case of SonicWall Capture ATP, the multi-engine sandbox environment is designed to identify and stop evasive malware that may evade one engine but not the others.

If you have an endpoint not behind this typical setup (e.g., it’s roaming at the airport or hotel), you need to deploy an endpoint security product that includes behavioral detection.

Cryptominers can operate in the browser or be delivered through a fileless attack, so the legacy solutions you get free with a computer are blind to them.

A behavioral-based antivirus like SonicWall Capture Client would detect that the system wants to mine coins and then shut down the operation. An administrator can easily quarantine and delete the malware or, in the case of something that does damage to system files, roll the system back to the last known good state before the malware executed.

By combining a mixture of perimeter defenses and behavioral analysis, organizations can fight the newest forms of malware no matter what the trend or intent is.

To learn more about how you can defend your organization from these threats I recommend reading this white paper, “Best Practices for Protection Against Phishing, Ransomware and Email Fraud.”

Cyber Monday, Black Friday Targeted by Spike in Ransomware Attacks

Throughout the year, SonicWall tracks cyber threats around the clock. But the holiday shopping season — specifically the days around Thanksgiving — is anything but typical.

During this nine-day window, cybercriminals plan and execute cyberattacks, even before the early hours of Black Friday. They systematically build malware, ransomware and phishing campaigns to prey on busy holiday shoppers.

For the 2018 holiday shopping season, SonicWall Capture Labs threat researchers focused on the three key shopping days — Black Friday, Small Business Saturday and Cyber Monday — that anchor Thanksgiving week in the U.S.

At a macro level, malware attacks dipped in 2018, while ransomware, phishing and cryptojacking attacks all increased significantly. Over the nine-day Thanksgiving holiday shopping window (Nov. 19-27), SonicWall customers faced:

  • 91 million malware attacks (34 percent decrease over 2017)
  • 889,933 ransomware attacks (432 percent increase over 2017)
  • 45 percent increase in phishing attacks compared to the average day in 2018

Malware Volume Dips for Holiday Shopping, Still Trending High in 2018

Malware data trends represent one of the best indicators of cybercriminal tactics and big-picture strategies. After a relatively down 2016, malware volume surged in 2017 to record levels, increasing 18.4 percent, as published earlier this year in the 2018 SonicWall Cyber Threat Report. Through October 2018, malware attacks were already up 44 percent year to date.

However, U.S. malware attacks were actually down, across the board, during the Thanksgiving holiday. This moderate decline in the use of malware includes a 47 percent drop on Cyber Monday and a 40 percent decrease on Black Friday, the two biggest shopping dates of the season.

U.S. Malware Attacks | Thanksgiving Holiday

| Shopping Days | 2017 | 2018 | YoY |
|---|---|---|---|
| Thanksgiving Holiday Nov. 19-27 | 139,163,476 | 91,442,673 | -34% |
| Black Friday | 13,082,216 | 7,797,134 | -40% |
| Small Business Saturday | 12,407,843 | 8,004,621 | -35% |
| Cyber Sunday | 16,267,043 | 10,890,572 | -33% |
| Cyber Monday | 22,662,090 | 11,927,016 | -47% |

This regression likely signifies that criminals are narrowing the focus to the most profitable types of attacks, such as ransomware, which spiked during the 2018 holiday shopping season.

Malware attacks dipped on each of the major shopping days in 2018, but overall malware volume has nearly doubled 2017 year to date.

As Black Friday Shoppers Stay Online, Ransomware Climbs

A decades-old tradition, Black Friday used to be the biggest shopping day of the year. But even with the emergence of Cyber Monday, more and more consumers are doing their Black Friday shopping online and not in brick-and-mortar stores.

According to Reuters, online sales surpassed $6 billion on Black Friday in the U.S. — a 23 percent jump over last year. Conversely, sales at physical retail locations dropped 4-7 percent.

And, predictably, cybercriminals were waiting. SonicWall Capture Labs threat researchers recorded 28 times more ransomware attacks on Black Friday compared to 2017. In November, the infamous Cerber ransomware variant was the most prevalent, representing 76 percent of all ransomware attacks.

U.S. Ransomware Attacks | Thanksgiving Holiday

| Shopping Days | 2017 | 2018 | YoY |
|---|---|---|---|
| Thanksgiving Holiday Nov. 19-27 | 167,388 | 889,933 | 432% |
| Black Friday | 4,088 | 113,303 | 2,672% |
| Small Business Saturday | 10,171 | 103,611 | 919% |
| Cyber Sunday | 16,251 | 70,727 | 335% |
| Cyber Monday | 24,425 | 109,298 | 347% |

Each major shopping day saw triple-digit jumps over the same dates in 2017. Interestingly, ransomware attacks on Small Business Saturday — likely bleed over from Black Friday — were up 919 percent over 2017.

From a volume standpoint, Cyber Monday only trailed Black Friday in total attacks, further signifying shifting cybercriminal strategies that focus on more than specific shopping days for better success. These trends continued upward for the Tuesday following Cyber Monday as well.

Ransomware attacks were up across the board for Black Friday and Cyber Monday.

In January, SonicWall Capture Labs threat researchers will analyze data and publish findings from the entire shopping season to help the industry better understand cybercriminal strategies and their shifting behavior patterns.

This cyber threat intelligence will also serve as a precursor to the 2019 SonicWall Cyber Threat Report, which will be published early next year.

Exclusive Video: SonicWall CEO Bill Conner & CTO John Gmuender

SonicWall President and CEO Bill Conner and CTO John Gmuender walk you through the current cyber threat landscape, explore the importance of automated real-time breach detection and prevention, and address how to mitigate today’s most modern cyberattacks.

SonicWall Wins Gold and Silver in Best in Biz Awards 2018

SonicWall has been named a multiple winner in the 8th annual Best in Biz Awards, the only independent business awards program judged each year by prominent editors and reporters from top-tier publications in North America.

Best in Biz Awards 2018 honors were conferred in 70 award categories across five focus areas: company; department or team; executive; product; and CSR, media, PR and other categories. SonicWall received Best in Biz honors in two categories, as a gold winner for the Most Innovative Product of the Year and a silver winner for the Support Department of the Year.

With the addition of the Best in Biz Awards, SonicWall has won 44 industry honors so far in 2018.

SonicWall’s Capture Cloud Platform took the gold award in the Most Innovative Product of the Year – SMB category. The Capture Cloud Platform combines the global security intelligence of the Capture Threat Network with the cloud-based management, reporting and analytics of the Capture Security Center and the advanced threat prevention of the multi-engine Capture ATP sandbox. This approach enables our complete portfolio of high-performance hardware, virtual appliances and clients to harness the power of the cloud.

SonicWall’s Global Support team, under the leadership of SVP and Chief Customer Success Officer Keith Trottier, was recognized with a silver award in the Support Department of the Year category. SonicWall is proud to provide dedicated, follow-the-sun service and support with global contact centers that are staffed 24/7 with technical support and customer service teams.

“All of the entries in the Service categories in this year’s Best in Biz Awards take the meaning of ‘service’ seriously – whether it is targeting individuals, companies or employees,” said Mari Edlin, Healthcare Innovation News, judging her third Best in Biz Awards competition. “Submissions represented an entirely new service, while others added an innovative touch to their other offerings, enhancing already existing, similar products. Hats off to everyone for keeping good service alive!”

Since 2011, winners in Best in Biz Awards have been determined based on scoring from independent judging panels deliberately composed each year of prominent editors and reporters from some of the most respected newspapers, TV outlets, and business, consumer, technology and trade publications in North America. Structured in this unique way, Best in Biz Awards is able to best leverage its distinguished judges’ unparalleled expertise, experience and objectivity to determine award winners from among the hundreds of entries. This year’s judging panel included writers and contributors to such publications as Associated Press, Barron’s, Consumer Affairs, eWeek, Forbes, Healthcare Innovation News, Inc., Investment Advisor Magazine, MediaPost, New York Post, New York Times, Ottawa Citizen and Wired.

For a full list of winners in Best in Biz Awards 2018, visit: http://www.bestinbizawards.com/2018-winners

About Best in Biz Awards

Since 2011, Best in Biz Awards has made its mark as the only independent business awards program judged each year by a who’s who of prominent reporters and editors selected from top-tier publications from North America and around the world. Over the years, Best in Biz Awards judges have ranged from Associated Press to the Wall Street Journal and winners have spanned the spectrum, from blue-chip companies that form the bedrock of the world economy to local companies and some of the most innovative start-ups. Best in Biz Awards honors are conferred in two separate programs: North America and International, and in 70 categories, including company, team, executive, product, and CSR, media, PR and other categories. For more information, visit: http://www.bestinbizawards.com.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Two Cybersecurity Policies, One Clear New Objective – The Hill

  • SonicWall CEO Bill Conner has written an op-ed with his three policy prescriptions for the U.S. government following the National Institute of Standards and Technology (NIST) Small Business Cybersecurity Act and The National Cyber Strategy being signed into law.

Historic Black Friday, Cyber Monday Threat Data Prepares Businesses, Shoppers for Holiday Cyberattacks – SonicWall Blog

  • With Black Friday and Cyber Monday upon us, cybercriminals are working overtime to find a gap in your cyber defense. We look at last year’s leap in malware attacks and advise on how to protect your business.

SonicWall Launches SD-WAN, Risk Metrics and New UTM Hardware – eWEEK

  • Sean Michael Kerner, senior editor at eWEEK, speaks to SonicWall’s Lawrence Pingree about SonicWall’s recent product expansion.

5 Key Skills for Next-Gen Communicators – Commpro

  • SonicWall’s David Chamberlin was recently featured on a panel discussion, How To Stay Relevant as a Communications Executive in 2020. Commpro has pulled the discussion together into a handy infographic.

Cyber Security News

Amazon Data Breach Reveals Private Details of Customers Ahead of Black Friday – The Telegraph (UK)

  • On the eve of some of the busiest shopping days of the year, Amazon confirmed a leak of customer names and emails.

VisionDirect Blindsided by Magecart in Data Breach – Threat Post

  • After VisionDirect confirmed a data breach exposing full names, addresses, telephone numbers, email addresses, passwords and payment card data, security researchers are saying this is the latest case of the ever-prolific Magecart threat group.

Security Warning: UK Critical Infrastructure Still at Risk From Devastating Cyber Attack – ZDNet

  • With the head of the UK National Cyber Security Centre previously stating that a major cybersecurity attack is a matter of “when, not if”, a new report from the UK’s Joint Committee on the National Security Strategy says the UK is still not facing up to cybersecurity threats.

Nine Cyber Security Predictions for 2019 – CSO Online

  • Ransomware, regulation, cyberwarfare and more; CSO Online tries to predict where cybersecurity will go over the next 12 months.

Facebook Appeals Against Cambridge Analytica Fine – BBC (UK)

  • Facebook is appealing their £500,000 fine, arguing that there is no evidence that any UK citizens had their data shared with Cambridge Analytica.

L0rdix Becomes the New Swiss Army Knife of Windows Hacking – ZDNet

  • A new malware called L0rdix has been found by researchers. It still looks to be in the development stages but it already manages to combine cryptocurrency mining, data theft and the ability to avoid malware analysis.

Report Reveals Struggles of SMBs Navigating Cyber Threat Landscape – SC Magazine

  • A recent study of Small and Medium Sized Businesses found over half of those surveyed have suffered from a data breach in the past year. Most respondents blame insufficient staff or cash, and a general lack of understanding of the threat landscape. SonicWall’s Charles Ho has some suggestions.

In Case You Missed It

Historic Black Friday, Cyber Monday Threat Data Prepares Businesses, Shoppers for Holiday Cyberattacks

It’s officially Thanksgiving week in the U.S. In addition to gathering with family and friends for the traditional turkey meal, many of us get excited about the holiday shopping season, which kicks off with Black Friday, goes virtual on Cyber Monday and extends through New Year’s Day.

If you’re looking to get a great deal on just about anything, this is the best time of the year to make that purchase. Everyone knows this, including cyber criminals. And that’s a problem for many organizations.

Perhaps as ominous foreshadowing, Amazon announced that a “technical error” exposed customer names and email addresses — days before Black Friday and Cyber Monday even got started.

Employees Will Make Personal Online Purchases on Corporate Time, Machines

Online shopping is a popular activity, both at home and in the office. It’s even more prevalent during the holiday shopping season. In a recent survey from Robert Half Technology, almost 65 percent of respondents said they will spend at least some of their work time making holiday purchases online.

While no one wants to be a Scrooge during the holidays, every organization needs to have safeguards in place to protect against the inevitable increase in the number of cyberattacks that are coming.

2017 Holiday Cyberattacks Paint Picture for 2018 Shopping Season

To help organizations, retailers, and small- and medium-sized businesses (SMB) prepare, the SonicWall Capture Labs threat research team analyzed cyber threat data from the second half of 2017. Unsurprisingly, there was an enormous spike in the number of malware attacks last year on Cyber Monday, the biggest online shopping day of the year. Here are some of the official data points from 2017:

  • Cybercriminals launched more than 113 million malware attacks on Cyber Monday last year, a 4.4x increase over the yearly average
  • Malware attacks jumped 27 percent on Black Friday
  • Ransomware attacks spiked 127 percent on Cyber Monday

So, what does this mean for 2018? Expect your organization to see more of the same. But there are proven methods to stop the surge in holiday cyberattacks.

6 Security Layers Organizations Can Use to Mitigate Holiday Cyberattacks

We know employees will be spending time online at work surfing for deals and customers will make purchases at point-of-sale (POS) terminals, so there is some inevitable risk. And while the data does show a worrisome trend, there are things you can do to protect your network, endpoints and data from cyberattacks during the holiday shopping season.

The key is to have a layered, defense-in-depth approach, something SonicWall can help with through our automated real-time breach detection and prevention platform. From the outside in, here are the six layers we recommend:

  1. Next-Generation Firewall – The first line of defense, a next-generation firewall (NGFW) should have high security efficacy and use machine learning to identify and block malware, ransomware and other attacks at the gateway.
  2. Deep Packet Inspection of TLS/SSL-encrypted Traffic – The use of encryption to hide cyberattacks continues to grow at a fast pace, so it’s essential any NGFW is able to scan encrypted traffic for threats.
  3. Email Security – Email is a common threat vector for delivering attacks, often through attachments, making it critical that any solution be able to scan inbound and outbound email for phishing attacks and infected attachments.
  4. Multi-engine Sandboxing – While one engine is good, several is better when it comes to identifying and blocking never-before-seen cyberattacks. SonicWall Capture ATP is a multi-engine sandbox that features block-until-verdict safeguards.
  5. Real-Time Deep Memory Inspection – SonicWall’s patent-pending RTDMI™ technology, included with Capture ATP, identifies and stops difficult-to-find threats hidden in memory where malware’s weaponry is exposed for less than 100 nanoseconds.
  6. Capture Client – Endpoint devices used beyond the firewall perimeter are more susceptible to attacks. Capture Client provides multiple advanced endpoint protection capabilities in addition to the ability to roll back to a previous point before malware entered or was activated on the device.

Next week, SonicWall Capture Labs threat researchers will publish their analysis on three key shopping dates in 2018: Black Friday, Small Business Saturday and Cyber Monday.

Until then, explore the Capture Security Center, which provides a graphical view of the worldwide attacks over the last 24 hours, countries being attacked and geographic attack origins, and monthly trends by attack type.

October 2018 Cyber Threat Data: Web App Attacks, Ransomware Continue Upward Trend

Throughout 2018, we’ve been sharing monthly updates on the cyber threat data recorded and analyzed by SonicWall Capture Labs, highlighting cyberattack trends and tying them back to the overall cyber threat landscape.

Now, cyber threat intelligence from the SonicWall Capture Security Center is even deeper. The tool now provides empirical data on cyberattacks against web applications. In an increasingly virtual and cloud-connected world, protecting web apps is just as critical as defending more traditional networks.

In October, the overall number of web application attacks continued to rise sharply. We tracked over 1.8 million web app attacks, more than double the volume of attacks for the same time period in 2017.

One factor influencing this is the continued growth explosion of the Internet of Things (IoT), which has added billions of connected devices online, each bringing new and unique potential for vulnerabilities and weaknesses.

While the headline-grabbing news often focuses on processor attacks like Spectre or Meltdown, companies that aren’t using security measures, like SonicWall Capture Advanced Threat Protection with Real-Time Deep Memory Inspection (RTDMI), can leave their standard applications exposed and vulnerable to cybercriminals who are always looking for a weakness.

The volume of ransomware attacks also continued its global upward trend in October. So far in 2018 we’ve seen over 286 million worldwide attacks, up 117 percent from 132 million this time last year. On an individual customer level, that’s 57 attacks per day per customer, an increase from only 14 in October last year.

The growing frequency and complexities of cyberattacks paint a dire picture for global businesses of all sizes. The good news is that by assessing your business’s cybersecurity risk, improving overall security behavior, and ensuring that you are utilizing the right cybersecurity solutions for your business, it’s possible to protect your business from most data breaches.

October Attack Data

Globally, the SonicWall Capture Threat Network, which includes more than 1 million sensors across the world, recorded the following 2018 year-to-date attack data through October 2018:

  • 9.2 billion malware attacks (44 percent increase from 2017)
  • 3.2 trillion intrusion attempts (45 percent increase)
  • 286.2 million ransomware attacks (117 percent increase)
  • 23.9 million web app attacks (113 percent increase)
  • 2.3 million encrypted threats (62 percent increase)

In October 2018 alone, the average SonicWall customer faced:

  • 1,756 malware attacks (19 percent decrease from October 2017)
  • 819,947 intrusion attempts (17 percent increase)
  • 57 ransomware attacks (311 percent increase)
  • 8,742 web app attacks (185 percent increase)
  • 152 encrypted threats (12 percent increase)
  • 12 phishing attacks each day (19 percent decrease)

SonicWall Capture Security Center

SonicWall cyber threat intelligence is available in the SonicWall Security Center, which provides a graphical view of the worldwide attacks over the last 24 hours, countries being attacked and geographic attack origins. This view illustrates the pace and speed of the cyber arms race.

The resource provides actionable cyber threat intelligence to help organizations identify the types of attacks they need to be concerned about so they can design and test their security posture to ensure their networks, data, applications and customers are properly protected.

Bill Conner: We Need a ‘Single, Comprehensive National Cybersecurity Strategy’

Some call him vocal. Others say he has passion.

But no matter your preferred adjective, there’s no mistaking Bill Conner’s unwavering commitment toward improving cybersecurity policy in the U.S.

After witnessing a year of high-profile breaches and a number of well-intentioned strategies, Conner penned a new opinion piece for The Hill, “Two cybersecurity policies, one clear new objective,” which outlines next steps for policymakers.

Conner, SonicWall’s president and CEO, applauds their direction. But he also feels some parts are disjointed and there should be better focus on integrating the government’s newest pair of policies: the National Institute of Standards and Technology (NIST) Small Business Cybersecurity Act and the National Cyber Strategy of the United States of America.

“What we have learned from the numerous breaches in the public and private sectors is that the foundation of the internet is a digital supply chain that must be defended from end to end; the smallest player has proven to be an effective entry point for mischief,” Conner outlined on The Hill.

The digital supply chain isn’t discussed enough. Business isn’t conducted in disparate networks or environments. Organizations big and small are virtually linked through contracts, partnerships, agreements and an untold number of networks. This means that cybercriminals can attack smaller organizations to gain lateral access to their true targets — often large enterprises or government agencies.

“To deliver robust, cost-effective cybersecurity strategies for small- and medium-sized businesses (SMB), enterprises and government agencies, we must align both sets of guidelines to create a single, comprehensive national cybersecurity strategy,” said Conner, who co-chaired the Corporate Governance Task Force of the U.S. Department of Homeland Security National Cybersecurity Partnership, helped unveil the INTERPOL Global Smart eID Card and addressed the United Nations on global challenges in cybercrime.

To move toward that objective, Conner prescribed three key transformations for the U.S. government, which are outlined in his featured commentary on The Hill.

Why SMBs Continue to Drive Growth in Managed Security Demand

by Charles Ho
SonicWall Outside Regional Sales Director


Large enterprises, like Facebook and Under Armour, continue to spend millions of dollars protecting their businesses from cyberattacks but still end up in the headlines — and not in a good way.

This hasn’t changed much since the first mega-breaches in 2013 and 2014. While they’ve incurred substantial fines or have lost significant reputation, most of these large enterprises have stayed in business.

This is not the case when we look at small- and medium-sized businesses (SMB), where a staggering 60 percent fail within six months of a cyberattack. When you take into consideration that 32 percent of SMBs were hit by at least one malware attack, this means one in five small businesses are closing down.

The disproportion will continue to grow as the gap in security protection between large enterprises and SMBs widens.

Governments around the world have already started taking action, from the recently signed NIST Small Business Cybersecurity Act in the U.S., to the Notifiable Data Breaches (NDB) scheme in Australia, to GDPR in the EU. However, the responsibility of staying protected ultimately sits with these SMBs.

SMB Cyber Security Requires Measured Strategy, Self-Awareness

SMBs must decide between protecting themselves and outsourcing the problem to a managed security service provider (MSSP). The solution is much more complex than simply installing antivirus or a firewall, so I’m going to oversimplify and break it into two pieces:

  • Procuring and implementing security technology and controls
  • Operating the technology and responding to cyberattacks that bypass security controls

The first component, the cost to the customer, is roughly the same whether they implement and manage cyber security themselves or outsource it to a partner, although a partner can make the process smoother and the technology easier to consume.

But let’s take a closer look at the second piece, which is the amount of effort needed for an average customer to respond to today’s threat landscape. First, let’s make some assumptions around the environment, both internally and externally:

  • The technology you’ve implemented is 100 percent effective against known cyber attacks
  • The combination of different security technology and controls gives you 99.9 percent effectiveness against unknown attacks. (While many may claim otherwise, there is no silver bullet in security.)
  • Last year, more than 350,000 new variants of malware were found daily
  • You’re exposed to 1 percent of threats seen globally – unlike advanced persistent threats (APT), the majority of threats like ransomware and cryptojacking take a “spray-and-pray” approach.

Quantifying SMB Cyber Security Effectiveness

Based on these assumptions, each SMB, on average, faces a handful of cyberattacks not blocked by any layer of protection. These attacks, ultimately, need to be investigated and mitigated via human interaction.

Depending on the scope of these incidents, it can take a matter of hours or days to remediate the problem. However, let’s assume each incident takes four hours for an analyst to resolve. This means that each SMB requires more than 1.5 dedicated headcount to deal with this problem each day.

Here lies the fundamental problem with Scenario 1 listed above. SMBs can neither afford to hire dedicated security personnel, nor is there sufficient expertise in the workforce to fill that gap.

The result? A dire need for managed security services (MSS), especially for SMBs. If you’re already an MSP and have a set of loyal customers, extending your portfolio to include cyber security is simply a no-brainer. Leverage your existing managed service infrastructure and expertise to take advantage of one of the fastest-growing market opportunities: managed security.


This story originally appeared on MSSP Alert and was republished with permission.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

SonicWall Secures Hybrid Clouds by Simplifying, Enhancing Deployment for Enterprises, SMBs – SonicWall Press Release

  • This week SonicWall announced a major expansion of their Capture Cloud Platform including secure SD-WAN, Zero-Touch Deployment, and personalized cyber threat intelligence.

Congress Passes Bill Creating Cybersecurity Agency at DHS – Security Week

  • SonicWall CEO Bill Conner shares his thoughts with Security Week on why the Cybersecurity and Infrastructure Security Agency (CISA) Act is paramount for securing critical digital infrastructure.

Free SD-WAN Capability Highlights New SonicWall Capture Cloud Platform Announcements – Channel Buzz (Canada)

  • SonicWall’s Lawrence Pingree talks to Channel Buzz about SonicWall’s recent product expansion announcement and how he sees SonicWall’s position now compared to 12 months ago.

13 Tech Experts Share What Facebook Should Do Post-Data Breach

  • Bill Conner, CEO of SonicWall, is featured as a member of the Forbes Tech Council highlighting why good policy is important for a company like Facebook if they want to be able to recover from a data breach.

Cyber Security News

Researchers Discover Seven New Meltdown and Spectre Attacks – ZDNet

  • A team of researchers has found that new variants of Meltdown and Spectre are being released. SonicWall confirmed that Capture ATP cloud sandbox with Real-Time Deep Memory Inspection will stop them.

Nordstrom Blames Breach of Employee Data on Contractor – BankInfoSecurity

  • US department store Nordstrom suffered an internal breach of employee data in October and has pinned the problem on a contractor.

Scare Force: Pakistan Military Hit by Operation Shaheen Malware – The Register (UK)

  • The Pakistan Air Force and Government have been hit with a concentrated phishing and malware campaign, according to new research by Cylance.

Mozilla: Firefox Will Start Alerting You to Recently Breached Sites – ZDNet

  • Firefox Monitor, previously a separate website, is being expanded and integrated into the Firefox web browser and will inform users with an alert if a website being visited has had a breach reported in the previous 12 months.

2018 on Track to Be One of the Worst Ever for Data Breaches – Dark Reading

  • A new report says that 2018 is currently only behind 2005 when it comes to data breaches, with up to 3.6 billion records compromised so far.

Ahead of Black Friday, Rash of Malware Families Takes Aim at Holiday Shoppers – Threat Post

  • As many as fourteen types of malware are found to be readying themselves to take advantage of unsuspecting online shoppers.

A Leaky Database of SMS Text Messages Exposed Password Resets and Two-Factor Codes – Tech Crunch

  • An exposed server was found with tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more, all easily accessible.

In Case You Missed It