Cybersecurity News & Trends

This week, cybercriminals deployed attacks on both U.S. political parties, the shipping industry, and COVID-19 researchers.


SonicWall in the News

Sonicwall Unveils Boundless 2020, Company’s Largest Ever Global Virtual Partner Event — SonicWall Press Release

  • SonicWall unveils Boundless 2020, a three-day virtual partner event hosted online Nov. 17-19. 

Marina Pharmacy Secures Its Branches With SonicWall Next-Gen Firewalls — Intelligent CIO

  • How UAE-based Marina Pharmacy’s SonicWall implementation has improved the group’s security posture and secured network connectivity across its 40 retail stores.

Surge In Ransomware Attacks Threatens Student Data — TechTarget

  • SonicWall CEO Bill Conner explains why K-12 schools are an increasingly attractive target, and why they shouldn’t give in to ransom demands.

Rethinking Cloud Security Amidst Pandemic and Mounting Threats — Digital TechMedia

  • A closer look at how the pandemic has affected cybersecurity in India and around the globe.

Industry News

Cyber Pirates Hit Global Shipping Industry Nearing Peak Season — Bloomberg

  • Two key players in the global shipping industry are trying to restore computer networks and assess the damage from separate cyberattacks just ahead of peak season.

Hackers are using DNC volunteer pitch to deliver malware, researchers warn — The Washington Times

  • Democratic National Committee messaging has been repurposed and weaponized as part of a hacking campaign spotted by cybersecurity researchers following the debate

Ransomware: Gangs are shifting targets and upping their ransom demands — ZDNet

  • Ransomware gangs are getting smarter, factoring in companies’ revenues when determining the ransom they try to collect.

‘Mercenary’ hacker group runs rampant in Middle East, cybersecurity research shows — Reuters

  • Saudi diplomats, Sikh separatists and Indian business executives have been among those targeted by a group of hired hackers.

Phishing emails lure victims with inside info on Trump’s health — Bleeping Computer

  • A phishing campaign pushing a network-compromising backdoor pretends to have the inside scoop on President Trump’s health after being infected with COVID-19.

US warns: Big surge in Emotet malware campaigns makes it one of today’s top threats — ZDNet

  • CISA’s intrusion detection system has recorded 16,000 Emotet threats to government networks since July.

Will We Have Cyberwar or Cyber Peace? — The Wall Street Journal

  • The Wall Street Journal’s Richard Clark takes a look at what cyber warfare could look like in 2030.

Ransomware: Surge in attacks as hackers take advantage of organisations under pressure — ZDNet

  • Cyber criminals are doubling down on ransomware attacks, deploying more sophisticated campaigns at a time when remote working is already creating additional security challenges for businesses

US brokerage firms warned of widespread survey phishing attacks — Bleeping Computer

  • The U.S. Financial Industry Regulatory Authority (FINRA) has issued a notice warning member brokerage firms of widespread phishing attacks using surveys to harvest information.

COVID-19 Clinical Trials Slowed After Ransomware Attack — Threatpost

  • The attack on eResearchTechnology potentially slowed down coronavirus research worldwide, and researchers suggest a nation-state actor could be behind the incident.

In Case You Missed It

The Scope of Application Vulnerabilities

The use of business applications has grown 68% over the past four years — which has created headaches for IT, who are responsible for managing and for cleaning up any messes. To help you understand the scope, the average company today uses 129 applications. In the largest 10% of companies, that number is well over 200. If you’re a small business manager reading this, you’re not off the hook: You have, on average, 73 applications in use today. Despite the spending dip seen across IT this past year, we are on pace to see over $450B USD spent on enterprise software by year’s end.

In 2019 alone, CNAs assigned 9.0+ critical CVSS scores to over 16 thousand vulnerabilities.  Android was the worst offender (414), followed by Debian Linux (360), Windows Server 2016 (357), Windows 10 (357), Windows Server 2019 (351), Acrobat Reader DC & Reader (342) and Cpanel (321).

In my experience, ranging from communicating with ransomware attackers in Russia to a few Anonymous operators this past year, the main vulnerabilities are often used when trying to penetrate companies using spray-and-pray techniques. However, when the attack is more targeted towards specific business roles, I found that many critical vulnerabilities for applications that are less well-known (e.g. Vbox) are used in the attack. Since some static defenses may not be even looking to block attacks using these applications, they feel the target is more easily breached.

To supplement this anecdotal experience, SonicWall’s 2020 Mid-Year Threat Report shows a shift toward more targeted attacks, as indicated by a drop in overall malware attacks and a rise in unique variants found by our RTDMI technology. The data also shows shifts in the top applications attacked — but this is not news to those that have to defend against these attacks.

So how is SonicWall helping our friends in IT solve the sprawling ecosystem of applications and their vulnerabilities?

In June 2019, we released a unique feature within Capture Client (our next-generation endpoint security platform) called Application Vulnerability Intelligence. This feature, first of all, helps our CISOs and friends in IT catalog every application within the organization. Secondly, the management console displays the number of critical vulnerabilities within your apps on the dashboard, so one can quickly see and react. Thirdly, and more importantly, one can drill down and see what specific applications are vulnerable, what the severity rating for a particular application is, and the justification for that rating.

This knowledge helps IT help prioritize patching by either uninstalling the application from the administration console or by notifying the end user to patch. This will ultimately reduce the attack surface and thereby breaches and other IT headaches. If you would like to see this in action, please view this video.

For a more in-depth look at how to fit endpoint protection into your organization’s security posture, please see our Solution Brief: A Unified-Client Platform for Enterprise-Grade Endpoint Security.

SonicWall Unveils Boundless 2020, Company’s Largest Ever Global Virtual Experience

The cybersecurity and technology landscapes have never changed so quickly — and without warning — as they did in 2020.

During the COVID-19 pandemic, SonicWall and its global partner community of more than 20,000 strong pivoted, innovated and protected more than 500,000 customers across the world. While it was business as usual, it was anything but.

We learned together. Persevered together. Worked together.

But now we look toward 2021 to take on new challenges and opportunities to better protect, connect and secure our customers. To unify us in this mission, SonicWall introduces Boundless 2020, a worldwide virtual event, Nov. 17-19, connecting SonicWall partners with our elite innovators, experts, leaders and special guests.

Boundless 2020: Three-Day, Multi-Language Virtual Experience

Exclusively for SonicWall partners, Boundless 2020 will feature more than 20 hours of exclusive content and hear from over 30 speakers and presenters. The event will include:

  • Engaging Keynotes
  • Special Celebrity Guests
  • Roadmap Previews
  • Key Go-To-Market Sessions
  • Product Breakouts
  • Industry Roundtables & Panels
  • Insights from Regional Sales Experts
  • Infinite Networking Opportunities

Tailored to the needs of SonicWall’s diversified global team, Boundless 2020 will also offer regional breakouts in local languages, including English, German, French, Italian, Spanish, Portuguese and Spanish.

“While challenging, this year has prompted companies to be more creative when bolstering solidarity amongst channel teams that are more dispersed than ever,” said The Channel Company CEO Blaine Raddon. “It’s inspiring to see the effort companies like SonicWall are putting forth to ensure the success of their partners, distributors and customers. This type of team investment is critical for end-of-year efforts by all, which will accelerate the business into and through the next few years.”

Supporting the event and SonicWall’s mission to deliver Boundless Cybersecurity that mitigates risk for enterprises, SMBs, higher education and government agencies are Boundless 2020 Diamond Sponsors ADT Cybersecurity, Ingram Micro and Infinigate, as well as Gold Sponsors The Channel Company, Exertis, Tech Data and ADN. SonicWall partners can boost brand awareness with remaining Gold or Silver sponsorship packages.

Featuring Celebrity Keynote Speaker Col. Chris Hadfield, Industry Experts

Referred to as “the most famous astronaut since Neil Armstrong,” Col. Chris Hadfield is a worldwide sensation whose video of David Bowie’s “Space Oddity” — seen by over 75 million people — was called “possibly the most poignant version of the song ever created,” by Bowie himself.

Acclaimed for making outer space accessible to millions, and for infusing a sense of wonder into our collective consciousness not felt since humanity first walked on the Moon, Hadfield continues to bring the marvels of science and space travel to everyone he encounters.

An international bestselling-author, Hadfield has written three books: ‘An Astronaut’s Guide to Life on Earth,’ ‘You Are Here’ and his children’s book, ‘The Darkest Dark.’ In addition, Hadfield released his musical album, Space Sessions: Songs from a Tin Can, in 2015. He is also featured on Ted.com for his talk, ‘What I Learned from Going Blind in Space.’

The event will also feature a deep bench of industry icons, including Bruce Schneier, Keren Elazari and John Sileo.

Bruce Schneier

American cryptographer and computer security professional Bruce Schneier will lead a session on how technology is a key initiative to the greater public interest. Called a ‘security guru’ by The Economist, Schneier is the author of over a dozen books, including his latest, Click Here to Kill Everybody,’ as well as hundreds of articles, essays, and academic papers.

Schneier has testified before Congress, is a frequent guest on television and radio, has served on several government committees, and is regularly quoted in the press. Schneier is a fellow at the Berkman Klein Center for Internet & Society at Harvard University; a Lecturer in Public Policy at the Harvard Kennedy School; a board member of the Electronic Frontier FoundationAccessNow, and the Tor Project; and an Advisory Board Member of the Electronic Privacy Information Center and VerifiedVoting.org.

Keren Elazari

Keren Elazari is an internationally recognized security analyst, researcher, author and speaker, working with leading security firms, government organizations and Fortune 500 companies.

Elazari is the first Israeli woman to give a TED talk at the official TED Conference, and her TED talk about hackers has been viewed by millions, translated to 30 languages and is one of TED’s most watched talks on the topic of cybersecurity.

John Sileo

Boundless 2020 will also feature cybersecurity industry speaker John Sileo, who is a fun, high-energy expert who molds his first-hand experiences into successes as an award-winning author, 60 Minutes guest and keynote speaker to the Pentagon, Schwab and thousands of audiences ready to take concrete action on cybersecurity, digital privacy and tech/life balance.

Sileo is a Harvard graduate and author of four books, including ‘Stolen Lives: Identity Theft Prevention Made Simple.’

Cybersecurity News & Trends

This week, attackers targeted everything from the energy sector and the U.S. elections to social media accounts and your coffeemaker.


SonicWall in the News

The 100 People You Don’t Know but Should 2020 — CRN

  • SonicWall’s Jason Carter has been selected to be part of CRN’s annual “100 People You Don’t Know but Should” list.

How Home Tech Can Be Companies’ Weakest Link — Financial Times (Business Education)

  • SonicWall President and CEO Bill Conner weighs in on how companies can protect against risks due to remote employees’ home network setups.

Managed IT Service Providers Expands Support For Remote Workers During Pandemic — Crain’s Detroit Business

  • In March, SonicWall helped Vision Computer Solutions acquire additional licenses more quickly than normal so the company could rapidly transition to remote work.

These 13 Israeli Cybersecurity Startups Have Raised A collective $847 Million In Funding This Year For New Tools That Protect Remote Work  — Business Insider

  • Perimeter 81 — which SonicWall has invested in — is included in the roundup as a cloud-based company helping IT and security professionals more easily secure remote access.

Industry News

U.S. tech giants face curbs on data sharing, digital marketplaces, under draft EU rules — Reuters

  • Google, Facebook, Amazon, Apple and other U.S. tech giants could be banned from favoring their services or forcing users to sign up to a bundle of services under draft EU rules.

House passes bills to secure energy sector against cyberattacks — The Hill

  • The House has unanimously passed four bills aimed at securing the power grid and other energy infrastructure against cyberattacks.

Microsoft looks to expose espionage groups taking aim at NGOs, US politics — Cyberscoop

  • Cyberscoop summarizes/explores the new Microsoft report — a detailed review of criminal and government hackers’ tradecraft.

When coffee makers are demanding a ransom, you know IoT is screwed — Ars Technica

  • With the name Smarter, you might expect a network-connected kitchen appliance maker to be, well, smarter than companies selling conventional appliances. But in the case of the Smarter’s IoT coffee maker, you’d be wrong.

CISA Warns of Hackers Exploiting Zerologon Vulnerability — Security Week

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert to warn of attackers actively targeting a recently addressed vulnerability in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC).

Microsoft disrupts nation-state hacker op using Azure Cloud service — Bleeping Computer

  • In a report today, Microsoft said that it disrupted operations of a nation-state threat group that was using its Azure cloud infrastructure for cyberattacks.

Ransomware Attacks Take On New Urgency Ahead of Vote — The New York Times

  • Attacks against small towns, big cities and the contractors who run their voting systems have federal officials fearing that hackers will try to sow chaos around the election.

FBI director warns that Chinese hackers are still targeting US COVID-19 research — The Hill

  • FBI Director Christopher Wray said Chinese hackers are continuing to target U.S. companies involved in COVID-19 research and described China as the nation’s “greatest counterintelligence threat.”

Mount Locker ransomware joins the multi-million dollar ransom game — Bleeping Computer

  • A new ransomware operation named Mount Locker is stealing victims’ files before encrypting and then demanding multi-million dollar ransoms.

FBI Director: Feeding DOD’s Cyber Offense Operations Is Crucial to New Strategy — Nextgov

  • Senator says legislation is moving forward to thwart intellectual property theft and defend federal networks from cyberattacks.

Phishing attacks are targeting your social network accounts — Bleeping Computer

  • Scammers are targeting your social network accounts with phishing emails that pretend to be copyright violations or promises of a shiny ‘blue checkmark’ next to your name.

In Case You Missed It

‘3 & Free’ Promotion: How to Upgrade Your SonicWall Firewall for Free

You can’t rely on yesterday’s solutions to thwart tomorrow’s attacks.

And as these attacks become more sophisticated, varied and numerous than ever, it’s never been more crucial to defend your organization’s networks, data and applications.

Often, this means ensuring your organization is protected by the latest and most cost-effective firewall appliances and real-time security services. That’s why the SonicWall ‘3 & Free’ program makes it easy for customers to upgrade from their legacy firewall to the latest SonicWall NSa 2650TZ350 or SOHO 250 firewalls.

When you upgrade your SonicWall firewall you gain the latest in next-generation firewall (NGFW) technology and access to the SonicWall Capture Advanced Threat Protection (ATP) service. It’s a cloud-based, multi-engine sandbox that stops both known and unknown cyberattacks from critically impacting your business.

What is the SonicWall ‘3 & Free’ Promotion?

The limited-time SonicWall ‘3 & Free’ promotion is the easy, cost-effective way for customers to upgrade to the very latest SonicWall next-generation firewall appliance for free.

Through Oct. 31, 2020, eligible customers may receive a complimentary NSa 2650, TZ350 or SOHO 250 appliance by purchasing a bundle that includes a three-year subscription of the SonicWall Advanced Gateway Security Suite from their authorized SonicWall SecureFirst partner.

This security suite includes everything you need to stay protected against today’s modern attacks, including advanced malware, ransomwareencrypted threats, viruses, spyware, zero-day exploits and more. This complete service includes:

SonicWall’s exclusive security subscription service also includes SonicWall Real-Time Deep Memory Inspection (RTDMI). A patent-pending technology, RTDMI™ enables Capture ATP to detect and block malware that does not exhibit any malicious behavior or hides weaponry via encryption. This protects your organization from zero-day attacks, malicious PDFs and Microsoft Office files.

Upgrade Your SonicWall Firewall for Free

Ready to upgrade? Take advantage of our ‘3 & Free’ program to get the latest in SonicWall next-generation firewall technology — for free. To upgrade, talk to a SonicWall cybersecurity expert today or contact your dedicated SecureFirst Partner.

National Cybersecurity Awareness Month Empowers Individuals, Orgs to Own Their Role in Cybersecurity

What’s scarier than Dracula, trickier than a haunted house and more expensive than a giant bucket of Halloween candy? Cyberattacks — and they can devastate individuals and organizations alike. Fortunately, however, they can be prevented if we all contribute. Today marks the beginning of the 17th annual National Cybersecurity Awareness Month, and this year SonicWall will bring you tips, best practices and more to ensure you’re ready to “Do Your Part. #BeCyberSmart.”

Each October, the National Cyber Security Alliance collaborates with the Cybersecurity and Infrastructure Security Agency (CISA) to launch a month-long campaign highlighting new and emerging threats and helping ensure all Americans have the resources they need to be safer and more secure online.

“While technology — a luxury turned necessity — continues to improve the quality of lives and economies around the world, some individuals will naturally try to navigate around it or simply bypass it altogether, placing themselves and their organization at risk,” said SonicWall President and CEO Bill Conner. “Now that mobile and remote workforces rely upon extended distributed networks that include everything from corporate offices to homes, global cybersecurity awareness initiatives are key to educating the masses on the importance of doing their part to protect everything from personal devices, home networks, critical data and infrastructure.”

The theme for 2020, “Do Your Part. #BeCyberSmart,” encourages individuals and organizations to own their role in protecting their part of cyberspace. Being more secure online is a shared responsibility, but by taking proactive steps toward lasting, positive cybersecurity behaviors at work and at home, each of us can help create a safer cyber environment.

As National Cybersecurity Awareness Month Champions, SonicWall’s cybersecurity experts will spend the next month exploring ways to help organizations and individuals protect their information and secure their systems and devices. We’ll explore several topics in depth, but in the meantime, here are some steps each of us can take today:

  • LOCK DOWN YOUR LOGIN
    Use long, unique passphrases that are hard to break but easy to remember for each account, and utilize two-factor or multifactor authentication wherever possible.
  • WHEN IN DOUBT, THROW IT OUT
    Email, social media posts, texts and more aren’t always what they seem — sometimes they harbor malware or malicious links. If you’re unsure about it, hit “delete.”
  • KEEP A CLEAN MACHINE
    Keep all software current to reduce risk of infection from ransomware and malware.
  • BACK IT UP
    Create backups of valuable data. In the case of ransomware or other threats, they can help prevent permanent loss.
  • OWN YOUR ONLINE PRESENCE
    Set up privacy and security settings immediately and check them regularly to ensure they’re still configured to your comfort.
  • SHARE WITH CARE
    Think about the potential consequences before posting personal info about yourself or others.
  • GET SAVVY ABOUT WI-FI HOTSPOTS
    These are not secure, meaning anyone could see what you’re doing while you’re connected to them. Consider a VPN or mobile hotspot for greater security.

“In the physical world, we all know a chain is only as strong as its weakest link,” said Chad Sweet, founder and CEO, The Chertoff Group. “The same is true in cyber. None of us want to be that weak link — failing to protect ourselves, our families or our businesses. As key players like NCSA, DHS and SonicWall have rightly challenged us to do, we need to use National Cybersecurity Awareness Month as a call to action for all of us to recommit to strengthening the ‘links’ where we play a critical role at home, in the office and in our communities.”

About NCSAM

National Cybersecurity Awareness Month was launched by the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security (DHS) in October 2004 as a broad effort to help all Americans stay safer and more secure online. Following wide success of the ‘Our Shared Responsibility’ theme in years past, CISA and NCSA have shifted strategic focus to a message that promotes personal accountability.

To learn more about NCSAM, please visit StaySafeOnline.org.