Cybersecurity News & Trends – 08-06-21
This week, the tectonic Mid-Year Update to the 2021 SonicWall Cyber Threat Report continued to reverberate in the press, while SonicWall President and CEO Bill Conner finds himself selected for two CRN leadership lists. In other news, hackers hit Microsoft and diplomats, a Joint Cyber Defense Collaborative goes active, U.S. Senators’ “horror show,” the U.S. State Department (and other agencies) get low scores for cybersecurity, and Swisslog’s “Swiss cheese” problem.
SonicWall in the News
How remote work raises the risks of cyberattacks — Axios
- SonicWall’s Mid-Year Update to the 2021 Cyber Threat Report continues to feature prominently in the press. Axios noted that as the pandemic drove more of the American workforce into remote offices, cyberattacks increased. The story cited stats from the report: Between 2019 and 2020, ransomware cyberattacks rose 62% worldwide and 158% in North America.
How remote work raises the risk of cyber and ransomware attacks— Yahoo! News
- SonicWall’s Mid-Year Update to the 2021 Cyber Threat Report also appeared in Yahoo! News. The story highlighted the mention of stats from the FBI that observed a 20% rise in cyberattacks between 2019 and 2020. Also, from the report, the collective cost of ransomware attacks reported to the bureau rose more than 200% in 2020 to roughly $29.1 million.
The Challengers Power List— Forbes India
- SonicWall’s own Debasish Mukherjee, VP of Regional Sales, APAC, was featured in a discussion about how businesses have faced pandemic challenges head-on and helped their companies grow. Mukherjee goes into detail on how SonicWall bridges cybersecurity gaps for enterprises, governments, and SMBs.
The Top 25 I.T. Innovators Of 2021— CRN
- Bill Conner, President and CEO of SonicWall, was named to CRN’s Top 25 Innovators of 2021 list for his work evolving SonicWall beyond the firewall to deliver security for the endpoint, email and cloud. He also helped develop Cloud Edge Secure Access to allow customers to control and protect network access to managed and unmanaged devices based on identity, location and device parameters.”
The Top 100 Executives Of 2021— CRN
- Bill Conner, President CEO of SonicWall, also found himself on CRN’s Top 100 Executives for 2021. CRN honors leaders who are setting the pace for the rest of the I.T. industry.
Industry News
Microsoft Exchange Used to Hack Diplomats Before 2021 Breach— Bloomberg
- Late last year, while investigating the hack of an Italian retailer, researchers at the Los Angeles-based cybersecurity company Resecurity stumbled across five gigabytes of stolen data squirreled away on a cloud storage platform. During the previous three and half years, hackers stole the data from foreign ministries and energy companies by hacking their on-premises Microsoft Exchange servers.
U.S. Taps Amazon, Google, Microsoft, Others to Help Fight Ransomware, Cyber Threats— The Wall Street Journal
- The U.S. launched the Joint Cyber Defense Collaborative and tapped Amazon, Google, Microsoft, and other companies to help combat ransomware and other cyberthreats. The creation of the joint initiative follows massive cyberattacks on critical U.S. infrastructure. “This will uniquely bring people together in peacetime so that we can plan for how we’re going to respond in wartime,” says Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency.
Senators highlight national security threats from China during rare public hearing— The Hill
- The Senate Intelligence Committee held a rare public hearing earlier this week to stress the increased threats posed by mainland Chinese hackers to U.S. national security, U.S. companies, and intellectual property. One top senator described the situation as a “horror show.” According to the committee, the threats include Chinese cyberattacks against U.S. companies and critical organizations that resulted in the theft of billions of dollars in U.S. intellectual property.
A US official explains why the White House decided not to ban ransomware payments— The Hill
- The Biden administration backed away from banning ransomware payments after meetings with the private sector and cybersecurity experts. According to reports, experts and business leaders helped shift that view following high-profile hacks against Colonial Pipeline, JBS, and Kaseya, a Florida-based IT firm.
New Hacking Group Shows Similarities to Gang That Attacked Colonial Pipeline— The Wall Street Journal
- Cyberthreat investigators say that a new hacking group recently emerged with similar techniques used by a group that successfully hacked the Colonial Pipeline Co. earlier this year. The new group, named BlackMatter, has cryptocurrency wallets and ransomware strains similar to those used by the former group.
Ransomware Gangs and the Name Game Distraction — Krebs on Security
- Brian Krebs takes a deep dive into notable ransom gang reinventions over the past five years. “Reinvention is a basic survival skill in the cybercrime business,” says Krebs. “Among the oldest tricks in the book is to fake one’s demise or retirement and invent a new identity.”
Energy group ERG reports minor disruptions after ransomware attack — Bleeping Computer
- This week, ERG, an Italian energy company, reported that it experienced “only a few minor disruptions” to its information and communications technology infrastructure following a ransomware attack on its systems.
The State Department and 3 other U.S. agencies earn a D for cybersecurity — Ars Technica
- Cybersecurity at eight federal agencies is so poor that four of them earned D grades, three got Cs, and only one received a B in a report issued Tuesday by a U.S. Senate Committee. This report comes two years after another damning cybersecurity report. Again, auditors find that little has improved.
Nearly 450K patients impacted by Orlando Family Physicians phishing attack— S.C. Magazine
- Orlando Family Physicians (OFP) recently notified 447,426 patients that their data was potentially compromised during a successful phishing attack in April. The breach tally makes the OFP incident among the ten largest reported in U.S. health care this year.
Supply chain attacks are getting worse, and you are not ready for them— ZDNet
- The European Union Agency for Cybersecurity (ENISA) analyzed 24% supply chain attacks and warned that current defenses against threats are insufficient. The ENISA report focused on advanced persistent threat (APT) supply chain attacks, noting that the coding was not very advanced, the planning and staging were complex.
White House cyber chief backs new federal bureau to track threats — The Hill
- On Monday, National Cyber Director Chris Inglis made a case for establishing an office within the Department of Homeland Security (DHS) to track and analyze cybersecurity incidents to ensure that the country has an early warning system to understand attack vectors and targets.
FTC’s right-to-repair ruling is a small step for security researchers, giant leap for DIY hackers— Cyberscoop
- The Federal Trade Commission recently voted unanimously to enforce rules against manufacturers who make it difficult for consumers to fix their own devices. Unfortunately, while a significant win for the “right-to-repair” movement for consumer advocates and owners of devices, this move is also a big win for hackers.
PwnedPiper vulns have potential to turn Swisslog’s PTS hospital products into “Swiss cheese,” says Armis — The Register
- An investigation by security experts at Armis discovered severe vulnerabilities in Swisslog PTS hospital products used by 80% of U.S. hospitals. Security problems were so bad that analysts said that they had the potential to turn Swisslog’s products into “Swiss cheese.” Among the vulnerabilities that were uncovered: hardcoded passwords, unencrypted connections, and unauthenticated firmware updates. Patches have been released.
In Case You Missed It
- SonicWall Earns Another Perfect Score from ICSA Labs for Q2 — Amber Wolff
- SonicWall President and CEO Bill Conner Recognized on CRN’s 2021 Top 100 Executives List — Lindsey Lockhart
- Latest Cyber Threat Intelligence Shows Ransomware Skyrocketing – Amber Wolff
- SonicWall Fortifies Cloud Edge Secure Access with Device Compliance Check and Network Traffic Control – Sony Kogin
- New SonicWall NSsp 13700 Firewall: Security for Large Enterprises – Ajay Uggirala
- SonicWall Announces Capture Labs Portal – Brook Chelmo
- SonicWall NSa 4700 and 6700: The Newest Next-Generation Firewalls for Medium Enterprises – Ajay Uggirala
- Three New Firewalls with Triple the Performance, Plus Three Powerful Updates – Atul Dhablania