This week, the Mid-Year Update to the 20201 SonicWall Cyber Threat Report shook up a lot of people with the headline “304.7 million ransomware attacks eclipse 2020.” That’s a 151% increase, year-over-year. In other news, “Wipers” in the Middle East, Emma Willard, UC San Diego, rebranded hacker groups, fake Microsoft 11 installers, the sinister case of Plugwalkjoe, and flirty aerobics instructors.
SonicWall in the News
- Straight off the Mid-Year Update to the 2021 SonicWall Cyber Threat Report: high-profile attacks against established technology and infrastructure are now more prevalent than ever. Through the first half of 2021, SonicWall recorded global ransomware volume of 304.7 million, surpassing 2020’s full-year total (304.6 million) — a 151% year-to-date increase. If that doesn’t rock your boat, keep in mind that just about every business sector is targeted.
- The cyberthreat quote of the week came from SonicWall President and CEO Bill Conner: “In a year driven by anxiety and uncertainty, cybercriminals have continued to accelerate attacks against innocent people and vulnerable institutions. This latest data shows that sophisticated threat actors are tirelessly adapting their tactics and embracing ransomware to reap financial gain and sow discord…”
- This publication focused on data from SonicWall Capture Labs that shows a 615% rise in ransomware – just on education alone! Threat researchers also recorded alarming ransomware spikes across other key verticals, including government (917%), healthcare (594%) and retail (264%).
- Data from the Mid-Year Update to the 2021 SonicWall Cyber Threat Report revealed that 2021 ransomware numbers “eclipse” all of 2020 global attacks.
- Writers here focused on the fact that data from the Mid-Year Update to the 2021 SonicWall Cyber Threat Report shows the sharp rise in the number of ransomware attacks was achieved in just 6 months.
- Noting SonicWall’s 30-year history, writers here point out a Globalization Partners solution to hire talent around the world.
- SonicWall’s Sergio Martínez participated in a special issue about teleworking and cybersecurity.
- Security researchers at SentinelOne stumbled upon a hitherto unknown data-wiping malware that was part of a disruptive cyberattack against Iran’s train system earlier this month. “Wipers,” as they are euphemistically called, are the most destructive of all malware types. The genre logs most of its attacks in the Middle East, with the 2012 Shamoon attacks against Saudi Aramco being the most prominent example.
- Following a 615% rise in ransomware targeting education this year, leaders at the prodigious Emma Willard School in Troy, NY are reeling from a recent cyberattack. They’re still identifying the extent of the attack but said that some employee Social Security numbers and financial information were stolen, according to a letter obtained by the Times-Union.
As Cyberattacks Surge, Security Start-Ups Reap the Rewards – The New York Times
- Responding to the severe uptick in cyberattacks, investors have poured $12.2 billion into cybersecurity companies so far this year, nearly $2 billion more than the total for all of 2020.
UC San Diego Health discloses data breach after phishing attack – Bleeping Computer
- UC San Diego Health, one of nation’s highest ranked hospitals, and a leading academic medical school, disclosed that they discovered a data breach that compromised some employees’ email accounts that may have revealed personal information of patients, employees, and students. The breach occurred between December 2, 2020, and April 8, 2021, and was the result of a phishing attack.
- Security firm Kaspersky issued warnings that hackers are circulating fake installers to people who are eager to get their hands on the Microsoft operating system update due this fall.
- Rising prices of insurance against cyberattacks fail to take account of the potential catastrophic effects of a widespread attack, Chubb Ltd. CEO Evan Greenberg said on Wednesday. Chubb is a major underwriter for various insurance for business.
- U.S. Justice Department officials came out in strong support of legislation requiring companies to report ransomware attacks and other severe data breaches to federal authorities. But DOJ also says that Congress should hold the brakes on banning ransomware payments.
PlugwalkJoe Does the Perp Walk – Krebs on Security
- Brian Krebs takes a closer look at the “sinister criminal charges” in the indictment of Joseph O’Connor (aka “PlugwalkJoe”) that revealed a subculture where young men turned to sextortion, SIM swapping, and death threats to seize control of social media accounts.
- New groups – or rebranded old ones – are rising just as the number of high-severity ransomware attacks ratchet up.
FBI reveals top targeted vulnerabilities of the last two years – Bleeping Computer
- Recommended read: A joint security advisory by cybersecurity agencies from the US, the UK, and Australia reveals the top 30 most targeted security vulnerabilities of the last two years.
- Bryan Vorndran, the assistant director of the FBI’s Cyber Division advised members of the Senate Judiciary Committee against banning payments for ransomware attacks.
- Group’s advanced memory-resident attacks similar to those employed in sustained campaign against Australian companies and government last year, security vendor says.
In Case You Missed It
- Latest Cyber Threat Intelligence Shows Ransomware Skyrocketing – Amber Wolff
- SonicWall Fortifies Cloud Edge Secure Access with Device Compliance Check and Network Traffic Control – Sony Kogin
- New SonicWall NSsp 13700 Firewall: Security for Large Enterprises – Ajay Uggirala
- SonicWall Announces Capture Labs Portal – Brook Chelmo
- SonicWall NSa 4700 and 6700: The Newest Next-Generation Firewalls for Medium Enterprises – Ajay Uggirala
- Three New Firewalls with Triple the Performance, Plus Three Powerful Updates – Atul Dhablania