This week, the tectonic Mid-Year Update to the 2021 SonicWall Cyber Threat Report continued to reverberate in the press, while SonicWall President and CEO Bill Conner finds himself selected for two CRN leadership lists. In other news, hackers hit Microsoft and diplomats, a Joint Cyber Defense Collaborative goes active, U.S. Senators’ “horror show,” the U.S. State Department (and other agencies) get low scores for cybersecurity, and Swisslog’s “Swiss cheese” problem.
SonicWall in the News
- SonicWall’s Mid-Year Update to the 2021 Cyber Threat Report continues to feature prominently in the press. Axios noted that as the pandemic drove more of the American workforce into remote offices, cyberattacks increased. The story cited stats from the report: Between 2019 and 2020, ransomware cyberattacks rose 62% worldwide and 158% in North America.
- SonicWall’s Mid-Year Update to the 2021 Cyber Threat Report also appeared in Yahoo! News. The story highlighted the mention of stats from the FBI that observed a 20% rise in cyberattacks between 2019 and 2020. Also, from the report, the collective cost of ransomware attacks reported to the bureau rose more than 200% in 2020 to roughly $29.1 million.
The Challengers Power List— Forbes India
- SonicWall’s own Debasish Mukherjee, VP of Regional Sales, APAC, was featured in a discussion about how businesses have faced pandemic challenges head-on and helped their companies grow. Mukherjee goes into detail on how SonicWall bridges cybersecurity gaps for enterprises, governments, and SMBs.
- Bill Conner, President and CEO of SonicWall, was named to CRN’s Top 25 Innovators of 2021 list for his work evolving SonicWall beyond the firewall to deliver security for the endpoint, email and cloud. He also helped develop Cloud Edge Secure Access to allow customers to control and protect network access to managed and unmanaged devices based on identity, location and device parameters.”
- Bill Conner, President CEO of SonicWall, also found himself on CRN’s Top 100 Executives for 2021. CRN honors leaders who are setting the pace for the rest of the I.T. industry.
- Late last year, while investigating the hack of an Italian retailer, researchers at the Los Angeles-based cybersecurity company Resecurity stumbled across five gigabytes of stolen data squirreled away on a cloud storage platform. During the previous three and half years, hackers stole the data from foreign ministries and energy companies by hacking their on-premises Microsoft Exchange servers.
U.S. Taps Amazon, Google, Microsoft, Others to Help Fight Ransomware, Cyber Threats— The Wall Street Journal
- The U.S. launched the Joint Cyber Defense Collaborative and tapped Amazon, Google, Microsoft, and other companies to help combat ransomware and other cyberthreats. The creation of the joint initiative follows massive cyberattacks on critical U.S. infrastructure. “This will uniquely bring people together in peacetime so that we can plan for how we’re going to respond in wartime,” says Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency.
- The Senate Intelligence Committee held a rare public hearing earlier this week to stress the increased threats posed by mainland Chinese hackers to U.S. national security, U.S. companies, and intellectual property. One top senator described the situation as a “horror show.” According to the committee, the threats include Chinese cyberattacks against U.S. companies and critical organizations that resulted in the theft of billions of dollars in U.S. intellectual property.
- The Biden administration backed away from banning ransomware payments after meetings with the private sector and cybersecurity experts. According to reports, experts and business leaders helped shift that view following high-profile hacks against Colonial Pipeline, JBS, and Kaseya, a Florida-based IT firm.
New Hacking Group Shows Similarities to Gang That Attacked Colonial Pipeline— The Wall Street Journal
- Cyberthreat investigators say that a new hacking group recently emerged with similar techniques used by a group that successfully hacked the Colonial Pipeline Co. earlier this year. The new group, named BlackMatter, has cryptocurrency wallets and ransomware strains similar to those used by the former group.
Ransomware Gangs and the Name Game Distraction — Krebs on Security
- Brian Krebs takes a deep dive into notable ransom gang reinventions over the past five years. “Reinvention is a basic survival skill in the cybercrime business,” says Krebs. “Among the oldest tricks in the book is to fake one’s demise or retirement and invent a new identity.”
Energy group ERG reports minor disruptions after ransomware attack — Bleeping Computer
- This week, ERG, an Italian energy company, reported that it experienced “only a few minor disruptions” to its information and communications technology infrastructure following a ransomware attack on its systems.
- Cybersecurity at eight federal agencies is so poor that four of them earned D grades, three got Cs, and only one received a B in a report issued Tuesday by a U.S. Senate Committee. This report comes two years after another damning cybersecurity report. Again, auditors find that little has improved.
- Orlando Family Physicians (OFP) recently notified 447,426 patients that their data was potentially compromised during a successful phishing attack in April. The breach tally makes the OFP incident among the ten largest reported in U.S. health care this year.
- The European Union Agency for Cybersecurity (ENISA) analyzed 24% supply chain attacks and warned that current defenses against threats are insufficient. The ENISA report focused on advanced persistent threat (APT) supply chain attacks, noting that the coding was not very advanced, the planning and staging were complex.
- On Monday, National Cyber Director Chris Inglis made a case for establishing an office within the Department of Homeland Security (DHS) to track and analyze cybersecurity incidents to ensure that the country has an early warning system to understand attack vectors and targets.
- The Federal Trade Commission recently voted unanimously to enforce rules against manufacturers who make it difficult for consumers to fix their own devices. Unfortunately, while a significant win for the “right-to-repair” movement for consumer advocates and owners of devices, this move is also a big win for hackers.
- An investigation by security experts at Armis discovered severe vulnerabilities in Swisslog PTS hospital products used by 80% of U.S. hospitals. Security problems were so bad that analysts said that they had the potential to turn Swisslog’s products into “Swiss cheese.” Among the vulnerabilities that were uncovered: hardcoded passwords, unencrypted connections, and unauthenticated firmware updates. Patches have been released.
In Case You Missed It
- SonicWall Earns Another Perfect Score from ICSA Labs for Q2 — Amber Wolff
- SonicWall President and CEO Bill Conner Recognized on CRN’s 2021 Top 100 Executives List — Lindsey Lockhart
- Latest Cyber Threat Intelligence Shows Ransomware Skyrocketing – Amber Wolff
- SonicWall Fortifies Cloud Edge Secure Access with Device Compliance Check and Network Traffic Control – Sony Kogin
- New SonicWall NSsp 13700 Firewall: Security for Large Enterprises – Ajay Uggirala
- SonicWall Announces Capture Labs Portal – Brook Chelmo
- SonicWall NSa 4700 and 6700: The Newest Next-Generation Firewalls for Medium Enterprises – Ajay Uggirala
- Three New Firewalls with Triple the Performance, Plus Three Powerful Updates – Atul Dhablania