Cybersecurity News & Trends – 05-21-21

This week the DarkSide ransomware group dominated the headlines, launching additional attacks, bringing in large quantities of Bitcoin and (hopefully) being shut down for good.

SonicWall in the News

‘It’s a battle, it’s warfare’: experts seek to defeat ransomware attackers — Financial Times

• Financial Times reporter Hannah Murphy references SonicWall data as she explores the lucrative industry of ransomware.

Breaking into New Technology with Partners — Channel Pro Network

• MiradorIT cites its partnership with ASCII member Net Sciences for enabling it “to move into advanced cybersecurity by offering high-availability SonicWall deployments.”

Windows 10 has a built-in ransomware block, you just need to enable it — PC Gamer

• Turns out there is a mechanism in Windows Defender that can help protect your files from ransomware. PC Gamer leverages SonicWall data to educate readers.
  *Syndicated: PC Gamer – UK

D&H Defies Pandemic: Grows U.S. Sales 19 Percent, Breaks $5B Barrier — CRN

• D&H Distributing, the 104-year-old, employee-owned SMB distribution stalwart, helped its partners power through the global pandemic — and in the process, posted a whopping 160% increase in cloud sales for the fiscal year.

Industry News

The Full Story of the Stunning RSA Hack Can Finally Be Told — Wired

• In 2011, Chinese spies stole the crown jewels of cybersecurity — stripping protections from firms and government agencies worldwide.

Denial of Electricity Service Could Become Next Geopolitical Weapon — The Wall Street Journal

• With electricity expected to account for a large share of the world’s energy use by 2050, the stakes are high.

Colonial Pipeline CEO: Paying DarkSide ransom was the ‘right thing to do for the country’ — ZDNet

• The chief executive of Colonial Pipeline has defended paying cybercriminals who launched a devastating attack on the company, calling it the “right thing to do for the country.”

School districts struggle to defend against rising ransomware attacks — The Hill

• Cybercriminals are stepping up their efforts to hack into vulnerable school districts, often launching ransomware attacks like the kind that shut down Colonial Pipeline earlier this month.

Bizarro banking Trojan surges across Europe — ZDNet

• Operators have targeted customers of at least 70 banks across Europe and South America so far.

Chemical distributor pays $4.4 million to DarkSide ransomware — Bleeping Computer

• Chemical distribution company Brenntag paid a $4.4 million ransom to the DarkSide ransomware gang to receive a decryptor for encrypted files and prevent the threat actors from publicly leaking stolen data.

Legislation to secure critical systems against cyberattacks moves forward in the House — The Hill

• Multiple bills meant to secure critical infrastructure against cyberthreats were approved by the House Homeland Security Committee — just a week after a ransomware attack on the Colonial Pipeline caused fuel shortages across the nation.

New Zealand hospitals infected by ransomware, cancel some surgeries — The Register

• New Zealand’s Waikato District Health Board has been hit with ransomware that took down most IT services and drastically reduced services at six of its affiliate hospitals.

Hackers scan for vulnerable devices minutes after bug disclosure — Bleeping Computer

• Every hour, a threat actor starts a new scan on the public web for vulnerable systems, moving at a quicker pace than global enterprises when trying to identify serious vulnerabilities on their networks.

Supply chain hacking attacks: Government eyes new rules to tighten security — ZDNet

• The UK might soon require managed IT service providers to undergo extra cybersecurity checks.

‘Catastrophic’ cyberattack larger than pipeline hack increasingly likely, acting CISA chief says — The Washington Times

• A top U.S government official said it is increasingly likely the federal government will be faced with a “catastrophic cyber incident” larger in scope than the recent Colonial Pipeline hack.

After just 9 months, Darkside ransomware gang brings in $90 million in Bitcoin — ZDNet

• The cryptocurrency was sourced from 47 different wallets, according to research from Elliptic.

Insurer AXA hit by ransomware after dropping support for ransom payments — Bleeping Computer

• Branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong and the Philippines have been struck by a ransomware cyberattack, with 3 TB of sensitive data stolen from AXA’s Asian operations.

DarkSide ransomware servers reportedly seized, REvil restricts targets — Bleeping Computer

• The DarkSide ransomware operation has allegedly shut down, after the threat actors lost access to servers and their cryptocurrency was transferred to an unknown wallet.

Toshiba unit struck by DarkSide ransomware group — ZDNet

• Following Colonial Pipeline, a DarkSide affiliate has claimed another victim.

In Case You Missed It

• Using Client VPN with Your Firewall for WFH: a Setup for Disaster? — Jean-Pier Talbot
• Triple Threat: CRN’s 2021 Women of the Channel List Honors SonicWall Leaders — Lindsey Lockhart
• RSA Conference 2021 Spotlights the Resilience of the Cybersecurity Industry — Amber Wolff
• SonicWall Capture ATP Receives Perfect Score in ICSA Labs ATD Certification — Kayvon Sadeghi
• Cybercrime on Campus: How Education Became Attackers’ Biggest Target — Amber Wolff

Amber Wolff

Senior Digital Copywriter | SonicWall

Amber Wolff is the Senior Digital Copywriter for SonicWall. Prior to joining the SonicWall team, Amber was a cybersecurity blogger and content creator, covering a wide variety of products and topics surrounding enterprise security. She spent the earlier part of her career in advertising, where she wrote and edited for a number of national clients.