AI, Threat Intelligence and The Cyber Arms Race: SonicWall CEO Bill Conner Joins Chertoff Group Security Series Event

SonicWall President and CEO Bill Conner was featured as part of an exclusive group of cybersecurity thought-leaders at The Chertoff Group Security Series Event, “AI, Threat Intelligence and The Cyber Arms Race,” on June 18.

Conner was flanked by Christopher Krebs, Director of the Cybersecurity and Infrastructure Security Agency (CISA) in the Department of Homeland Security; Dimitri Kusnezov, Deputy Under Secretary for Artificial Intelligence & Technology, Department of Energy; along with panel moderator Chad Sweet, Chief Executive Officer and Co-Founder, The Chertoff Group.

Together, they took to the stage to discuss how AI solutions are being leveraged to prevent, detect and respond to the cyber threats attacking both critical public infrastructure and the private sector.

The wide-ranging discussion took on everything from election cybersecurity to self-driving cars, but was grounded by a focus on how AI is growing in importance when running cyber defenses in both the public and private sectors.

With this in mind, they looked at the increasing number of ‘have and have-nots’ in these areas, with Conner pointing out that an underfunded agency or a small company simply doesn’t “have the resource — capital or human” to defeat a major cyberattack without AI-based cyber defenses such as SonicWall Real-Time Deep Memory Inspection™ (RTDMI) that can both detect and prevent existing and never-before-seen cyberattacks as they appear.

From left to right, The Chertoff Group co-founder Chad Sweet, CISA director Christopher Krebs, DOE Deputy Under Secretary Dimitri Kusnezov and SonicWall CEO Bill Conner converse during The Chertoff Group Security Series June 18 in Maryland.

‘It starts with the chip’

The conversation moved on to current types of cyberattacks and how 5G, while growing exponentially, is left open to sophisticated state-sponsored attacks because the industry has still not fully agreed upon a security standard.

They agreed that in 2019 cybersecurity has to go all the way down to the supply chain and chip level, especially when considering ongoing controversies over alleged government influence on companies like Huawei, and confirmed tech problems like the side-channel vulnerabilities in Intel chips. In Bill Conner’s words, “It does start with the chip … because that’s everywhere.”

Watch the whole video (provided above) for the in-depth consideration of the threats posed by Internet of Things (IoT) growth, a lively Q&A session with the audience, and the astute observation that modern cyber threats are borderless and not bound by the same rules as other threats.

“Tariffs and borders are all interesting. They’re all the rage these days,” said Conner. “But cyber doesn’t care about that … we have to think differently … we learned how to fight air, land and sea, [now] we’re learning how to fight cyber.”

About the Chertoff Group Security Series

Since 2013, The Chertoff Group Security Series has become a respected community building event to discuss important national security and risk management issues, highlight innovation, and network with leading practitioners, policy makers, investors, and thought leaders.

The Chertoff Group Security Series convenes CEOs, CSOs, CIOs, CISOs, COOs, General Counsels, senior agency leadership, and senior IT risk executives from both the public and private sectors. The forum welcomes technology and security leaders across a variety of industries whose operational business decisions are impacted by technology and who are seeking insight on the role of policy in today’s global technology business market.

Cyber Security News & Trends

This week, SonicWall is featured on Reuters TV, federal cybersecurity is found to be seriously out of date, and a young hacker is taking down Internet of Things botnets by bricking as many IoT objects as he can.


SonicWall Spotlight

To Pay or Not To Pay: U.S. Cities With Ransomware – Reuters

  • SonicWall’s Dmitriy Ayrapetov is featured demonstrating a ransomware attack in this Reuters video segment investigating the current increase in ransomware attacks on US cities.

HiddenTear Ransomware Variant Encrypts and Gives Files .Poop Extension – SonicAlert

  • The SonicWall Capture Labs Threat Research Team came across some childish ransomware which, after replacing your files with a “.poop” extension, updates your background with a poop emoji. It is, however, real ransomware and should be treated as such; SonicWall protects you from it.

Cyber Security News

U.S. Carried Out Cyberattacks on Iran – New York Times

  • Multiple news outlets report that the United States Cyber Command conducted online attacks against an Iranian intelligence group after physical strikes were called off. Full details on what was attacked are not known and US Cyber Command have not released any information.

Federal Cybersecurity Defenses Are Critical Failures, Senate Report Warns – CNBC

  • After a 10-month review of federal agencies, a damning 99-page report on federal cybersecurity has been released. Details include failures to apply mandatory security patches, ignoring well-known threats and weaknesses for a decade or more, and outdated systems with at least one case of a 50-year-old system still in use in 2019.

NASA Hacked Because of Unauthorized Raspberry Pi Connected to Its Network – ZDNet

  • NASA confirmed that in April 2018 a hacker breached their security using a Raspberry Pi device and accessed around 500 megabytes of data, including information on the ongoing Mars Curiosity Rover mission. The full investigation into what happened is still ongoing.

The Hotel Hackers Are Hiding in the Remote Control Curtains – Bloomberg

  • Bloomberg hitch a ride with some IT consultants who are investigating the rise of cyberattacks on hotels – seen by the hacking community to be both lacking in basic cybersecurity and as a massive database of personal information.

Hackers Strike Another Small Florida City, Demanding Hefty Ransom – Wall Street Journal

  • Lake City officials in Florida agreed to pay 42 bitcoins, around $500,000, in a ransom less than a week after another Florida city, Riviera Beach, paid a similar amount to retrieve their data.

A Firefox Update Fixes yet Another Zero-Day Vulnerability – Engadget

  • Mozilla patched two zero-day vulnerabilities over the past week, with the second coming only 48 hours after the first. Both zero-days used the same attack and they appeared to be targeting Coinbase employees directly.

Riltok Banking Trojan Begins Targeting Europe – SC Magazine

  • The Riltok banking trojan, originally intended to target Russians, has been modified to target the European market. It is spread via a link in a text message that, if clicked, directs the user to a website that prompts them to install a fake update of advertising software.

And finally:

Thousands of IoT Devices Bricked By Silex Malware – Threat Post

  • A 14-year-old hacker has been spreading anti-Internet of Things malware because he wants to stop other hackers using the devices for botnets. At the time of writing at least 4,000 devices have been bricked by his malware.

Cyber Security News & Trends

This week, it’s National Selfie Day, Facebook launches its cryptocurrency, and, as predicted by SonicWall, ransomware is all over the news.


SonicWall Spotlight

National Selfie Day

  • June 21 is National Selfie Day and SonicWall staff around the world are taking part! Can you name all the locations?

Innovation Will Sharpen America’s Tech Edge, Federal Officials Say – NextGov

  • SonicWall CEO Bill Conner appeared at a Chertoff Group Security Series Event this week. Next Gov quotes his insight as they cover the full discussion between him, Christopher Krebs, director of the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency, and Dimitri Kusnezov, Deputy Under Secretary for Artificial Intelligence & Technology, Department of Energy.

Latest Attack From TrickBot Malware Family Identified: SonicWall – CRN (India)

  • CRN follow up on the SonicWall Capture Labs Threat Research Team’s identification of a new variant of Trickbot malware. The modular structure of this malware allows it to freely add new functionalities without modifying the core bot. This story was also covered in Var India, DataQuest, NCN Online, Tech Herald, and CSO Forum.

Cyber Security News

U.S. Lawmaker Calls for Facebook to Pause Cryptocurrency Project – Reuters

  • Amid comments that Facebook is “already too big and too powerful,” House Representative Maxine Waters is calling for Facebook to halt development on the Libra cryptocurrency until Congress and regulators can review the issue.

Hit by Ransomware Attack, Florida City Agrees to Pay Hackers – New York Times

  • The City Council of Riviera Beach unanimously agrees to have its insurance carrier pay 65 Bitcoin, about $592,000, to hackers after the city systems were caught by a ransomware attack three weeks previously.

Is AI Fundamental to the Future of Cybersecurity? – CSO Online

  • While traditional cybersecurity tools require some level of human interaction to keep them running and up to date, CSO Online investigate the development and advancement of AI which may be able to develop and improve with little to no human involvement. They also predict that passwords will become obsolete if AI proves to be the more secure option.

U.S. Cities Are Under Attack From Ransomware — and It’s Going to Get Much Worse – Vice News

  • With Atlanta, Baltimore, and many smaller cities getting hurt by ransomware, Vice argues that ransomware attacks appear to be spiking right now due to increased focus on government targeting, and just how easy launching an attack has become.

Inside the FBI’s Fight Against Cybercrime – Dark Reading

  • Dark Reading conducts an interview with a member of one of the small FBI teams that are dedicated to fighting cybercrime. The agent discusses the difficulties of being heavily outnumbered by criminal actors, but also the surprisingly high level of successes that they have achieved – including defeating the massive Mirai DDoS-for-hire attacks.

Desjardins, Canada’s Largest Credit Union, Announces Security Breach – ZDNet

  • Canada’s largest credit union announces that 2.9 million members had customer data – including names, date of birth, social insurance number, addresses and more – taken from its database by a now ex-employee. The Credit Union is currently working with law enforcement to investigate the breach.

Maryland Governor Signs Order to Boost Cybersecurity After Baltimore Ransomware Attack – The Hill

  • Responding to Baltimore’s recent ransomware woes, Maryland Governor Larry Hogan signs an executive order establishing the “Maryland Cyber Defense Initiative” and creating a Chief Information Security Officer who will be charged with giving cybersecurity recommendations to the governor.

Defending Endpoints from Fast, Ferocious Ransomware Attacks

It’s 2019 and massive ransomware attacks are still making headlines, especially against city governments.

In 2018, the City of Atlanta attack shut down over a third of 424 software programs with total damages expected to be over $40 million USD. This year, the City of Baltimore was targeted with multiple systems and agencies down. At the time of writing, the damage caused by the attack hasn’t been fully repaired and the bill is coming in at $18 million.

As much as people preach about segmenting networks, backing up data and improved network security, ransomware attacks are happening at scale with increasing ferocity.

IT administrators look for solutions and that quest usually involves security for the endpoint. Since a lot has changed in the world of endpoint security, administrators are exploring the options that fall into the endpoint detection and response (EDR) category.

Osterman Research published a research paper to outline the concerns, reasons and requirements admins on the front lines have with EDR solutions. Use this latest white paper to guide your organization as you deploy your first endpoint protection solution or upgrade legacy antivirus protection.

The SonicWall Capture Client endpoint solution offers many endpoint detection and response (EDR) capabilities that give organizations the ability to mitigate attacks, remediate them and report back to the organization.

Cyber Security News & Trends

This week, why businesses need layered cybersecurity, the “most dangerous hacking group” are eyeing up the US power grid, and inside the online leak of hours of sought-after Radiohead rehearsals.


SonicWall Spotlight

Technology Enablement Demands Layered Cyber-Security – SC Magazine

  • Writing in SC Magazine, SonicWall CEO Bill Conner explains why organizations need layered cybersecurity to keep up with modern cyberthreats. He warns that businesses cannot take their cyberdefenses for granted when criminals will use every available vector to launch an attack.

SonicWall Identifies TrickBot Malware, That Steals Customer’s Online Banking Information – CRN India

  • The SonicWall Capture Labs Threat Research Team recently released an update detailing a variant of the Trickbot malware family actively spreading across the internet. CRN India investigate the update.

Cyber Security News

This “Most Dangerous” Hacking Group Is Now Probing Power Grids – ZDNet

  • A hacking group described as “the most dangerous threat” to industrial control systems has been detected probing US power grid cybersecurity. Known as Xenotime, the hackers previously launched a successful cyberattack on a petrochemical plant in Saudi Arabia.

House Passes Bill to Establish DHS Cyber “First Responder” Teams – The Hill

  • New legislation has been passed in the US that aims to create “cyber incident response teams” – providing fast assistance to public or private organizations suffering from a breach or cyberattack.

Dark Web Becomes a Haven for Targeted Hits – Dark Reading

  • Almost half of Dark Web vendors sell targeted hacking services aimed at FTSE 100 and Fortune 500 businesses. Dark Reading investigates what is available to would-be cybercriminals and finds that access to corporate networks is sold openly and that malware prices range from $150 to $1500 depending on how sophisticated the request.

These are the worst hacks, cyberattacks, and data breaches of 2019 (so far) – ZDNet

  • As we reach the halfway point in the year, ZDNet take a look at what they consider the biggest cybercrime events of the year so far, including multiple medical breaches and a university that had 19 years of data stolen.

Lawmakers Demand Answers on Border Patrol Data Breach – The Hill

  • After hackers broke into a third-party border patrol database, lawmakers have been pushing hard to find out both what happened and how to prevent it from happening again. The breach resulted in the exposure of images of as many as 100,000 people entering and exiting the U.S. over the period of a month and a half.

This data-stealing malware has returned with new attacks and nasty upgraded features – ZDNet

  • The malware known as Scranos has upped its game after operators had their previous plans interrupted. Having updated their methods they have also taken time to add on a trojan and cryptojacker on top of their previous payload.

For Sale: Have I Been Pwned – Gizmodo

  • The owner behind the popular security website that lets people know if their details have been compromised is selling up. In a blog post he explained that the website has gone as far as it possibly can when only run by one person.

Radiohead Fans vs. Black-Market Sellers: The Battle to Leak the OK Computer Tapes – Pitchfork

  • After initial reports that minidiscs were being held to ransom, Pitchfork investigates the full story behind the leak of over 16 hours of rehearsals and demos, going deep into the world of online fandom.

Cyber Security News & Trends

This week, there’s a new cybersecurity power couple as SonicWall and ADT announce a strategic partnership to protect SMBs, U.S. cities face a ransomware pandemic and the ‘invisible web’ is growing rapidly.


SonicWall Spotlight

ADT Selects SonicWall as Exclusive Provider of Managed Cybersecurity Service Offerings for SMBs – SonicWall

  • SonicWall and ADT announce a strategic partnership that provides an exclusive cybersecurity offering to better protect small- and medium-sized businesses (SMB) from the growing volume of cyberattacks.

ADT Teams Up with SonicWall for SMB Security Services – Dark Reading

  • SonicWall CEO Bill Conner explains why SonicWall was the logical choice for a new cybersecurity offering from ADT, a company best known for delivering physical security monitoring. The connection between the two companies dates back to ADT’s acquisition of Secure Designs, Inc (SDI), formerly an MSSP selling SonicWall SMB security products.

Cyber Security News

Hackers Won’t Let Up in Their Attack on U.S. Cities – The Wall Street Journal

  • As Baltimore is still recovering a month after a devastating ransomware attack crippled the city’s infrastructure, the FBI is warning that this is not an isolated incident, calling the growing levels of ransomware attacks a “pandemic in the United States”.

Cyber-Thieves Turn to ‘Invisible Net’ to Set Up Attacks – BBC News

  • Gated chat forums, invitation-only communities and encrypted apps are the new communication channels of choice for cybercriminals to evade law enforcement agencies.

Hackers Steal $9.5 Million from GateHub Cryptocurrency Wallets – ZD Net

  • GateHub has released a preliminary statement confirming a security breach that has resulted in nearly $9.5 million stolen from the users of their cryptocurrency wallet service.

Hacking Diabetes: People Break into Insulin Pumps as an Alternative to Delayed Innovations – USA Today

  • Diabetes patients are jailbreaking their own insulin pumps, using instructions found online, in order to give their pumps the ability to self-adjust and remove the need for constant blood sugar monitoring.

LabCorp Data Breach Exposes Information of 7.7 Million Consumers – USA Today

  • A day after Quest Diagnostics announced 12 million patients were affected by a data breach, another medical testing company says its patients’ data was also compromised.

Hackers Can Now Bypass Two-Factor Authentication With a New Kind of Phishing Scam – Fortune

  • Two-factor authentication, the added security step that requires people enter a code sent to their phone or email, has traditionally worked to keep usernames and passwords safe from phishing attacks.

Baltimore Ransomware Attack: NSA Faces Questions – BBC

  • After a ransomware attack currently estimated to cost at least $18M, Baltimore officials are questioning why the hacking vulnerability known as EternalBlue was not disclosed when discovered by the NSA years ago. The NSA are declining to comment on the issue.

New Zealand Budget Leak: ‘Hackers’ Had Simply Searched Treasury Website – The Guardian

  • After the embargoed New Zealand budget was leaked to the opposition National Party days before it was due to be released, officials were quick to call it a hack. However, it has now been found that the documents were searchable on the New Zealand treasury website.

HawkEye Malware Campaign Upticks on Business Users – SC Magazine

  • Hawkeye, a keylogger that has been around for six years, has seen a major increase in a campaign targeting business users worldwide.

Startups: Embrace Cybersecurity Priorities From Day One – Forbes

  • Forbes argues that cybersecurity in startups should not be considered an add-on or a luxury product and provides four cybersecurity priorities that a startup needs to think about from day one.

Emotet Made up 61% of Malicious Payloads in Q1 – Dark Reading

  • A new study has found that 61% of all malware payloads in the first quarter of 2019 contained the Emotet botnet.

Security Expert: Here’s How Driverless Cars Could Be Hacked – Yahoo! Finance

  • As cars modernize and driverless cars become a reality, it is fair to say that they are becoming more and more like a series of interconnected computers. Yahoo! Finance looks at where the security weak point in these computers might be found, how it could be targeted by hackers, and how the car industry is struggling to keep up with security requirements.

Nation-State Security: Private Sector Necessity – SecurityWeek

  • Attackers with the funding and technical support of nation-states are now targeting commercial entities and the obvious split between commercial and political cyberattacks is disappearing. SecurityWeek examine the current threat landscape, including the increasing number of organizations embracing “Zero Trust” security models where all environments are considered untrusted until proven otherwise. They then offer some advice on how to ensure your organization is ready for cyberattacks.

Microsoft Issues Second Warning About Patching BlueKeep as PoC Code Goes Public – ZDNet

  • Microsoft again warned users to ensure their patches are up to date to protect against the BlueKeep vulnerability – described as similar to the EternalBlue exploit – after a proof-of-concept attack appeared online. SonicWall provides protection against this threat.

SonicWall, ADT Ink Partnership to Offer Managed Cybersecurity Solutions to SMBs

Founded in 1874, ADT has long been synonymous with security. A new strategic partnership with SonicWall further expands the Florida-based company’s footprint into cybersecurity.

In a public release, “ADT Selects SonicWall as Exclusive Provider of Managed Cybersecurity Service Offering for SMBs,” the companies announced their plans to offer an exclusive managed security offering to small- and medium-sized businesses (SMB).

“The financial impact of a cyberattack can easily result in a company closing its door,” said SonicWall President and CEO Bill Conner in the official release. “As these threats evolve, so must the tactics we employ to protect organizations of all sizes. Their No. 1 focus should be on their business needs and operations, not on looming online threats.”

With SonicWall, ADT will deliver managed cybersecurity to SMBs much in the same manner as they simplify physical home security for the consumer market. This turn-key approach will make it easy and affordable for SMBs to protect their networks, data, email and brand — all for a single monthly price.

“For more than a century, ADT has been monitoring and responding to emerging threats for our customers. We will continue to do so with the help of cybersecurity pioneers like SonicWall …,” said Jay Darfler, ADT SVP Emerging Markets.

ADT first began building its SMB cybersecurity offering in 2018 with the acquisition of Secure Designs, Inc (SDI). With the SonicWall partnership in place, ADT Cybersecurity now offers SMBs a truly end-to-end managed security solution. The new joint offering includes:

“We look forward to working with a world-renowned security provider to deliver the necessary tools to protect our customers,” said Conner.

SonicWall firewalls, secure email, cloud sandboxing and other network security components are available now through ADT Cybersecurity.