While the Mid-Year Update to the 2021 SonicWall Cyber Threat Report continues to be recognized as an authoritative source of statistics, the company was also noted in an education piece and a product review for the SonicWall SWS12 switch. In industry news, discussions on launching security for commercial maritime, employees bypassing “inconvenient” security measures, the Nigerian aviation industry is grounded, cyberattackers hit with crypto-sanctions, and OMIGOD is getting more guidance.
SonicWall in the News
The weak points where hackers could hijack the supply chain — The Grocer (U.K.)
- Like many businesses, the food system runs online – and, increasingly, many operations are from the homes of its workers. Consequently, the industry faces an increasing risk of cyberattack. This vertical market news outlet references the Mid-Year Update to the 2021 SonicWall Cyber Threat Report and SonicWall’s V.P. of Platform Architecture, Dmitriy Ayrapetov, to analyze increasing attacks on the U.K. food supply chain.
IT security for schools: New requirements. Limited resources. Unused funding — All About Security (DACH)
- Schools have adopted more network mobility, but now they face greater cyberthreats. This report explores SonicWall solutions for schools. It outlines the challenges schools are confronted with in everyday life and how SonicWall can help.
Between blackboard and tablet: IT security in schools — All About Security (DACH)
- To deliver safe classroom and distance learning experiences, schools need to secure wireless networks, cloud apps, and endpoints while stretching budgets through grants. This report also includes an invitation for readers to participate in an upcoming webinar for educators.
- The use of open-source code is on the rise, and so is, unfortunately, is malware and ransomware. The report cites Mid-Year Update to the 2021 SonicWall Cyber Threat Report, with ransomware attacks up 158% in 2021.
IoT: An Internet of Threats? — Maddyness (U.K.)
- The Internet of Things promises an advanced environment where every object is intelligent and connected. The report cites Mid-Year Update to the 2021 SonicWall Cyber Threat Report as an example of how IoT devices and the pandemic have exposed and exacerbated the danger.
How Nonprofits Can Defend Against Ransomware Attacks — BizTech (U.S.)
- Ransomware has become a top concern for organizations large and small as high-profile incidents have grabbed headlines. According to the Mid-Year Update to the 2021 SonicWall Cyber Threat Report, ransomware attacks grew by 62 percent between 2019 and 2020.
Hybrid working: six steps to managing cybersecurity and data privacy risks — Raconteur (U.K.)
- As pandemic restrictions are eased and staff head back to the office, many will want to continue working from home for part of the week, raising cybersecurity concerns for employers. According to the Mid-Year Update to the 2021 SonicWall Cyber Threat Report, there was a 65% year-on-year increase globally in ransomware attacks.
- The SonicWall SWS12 switch is mentioned to “handles [PoE management] by adding deep power management to the suite of standard networking configuration options.” This is a good thing. The switch can provide up to 130 watts of power spread across ten ports, and each port can supply up to 30 watts of power.
- IBM is launching tape drives that give systems more resilience to cyberattack. Additionally, the company has repeatedly cited the Mid-Year Update to the 2021 SonicWall Cyber Threat Report as an example of the marketplace’s need for such products. In this release, they cite the Threat Report, noting ransomware is one of the costlier types of breaches, with an average cost of $4.62M per breach and one of the most common.
- This article summarizes the reality of cloud-connected businesses and industries and the cyberthreats they face. With the increased dependence of offshore activities on cyber-enabled systems, the author points out that maritime operations need more secure cybersecurity infrastructure at sea.
- Working from home blurs lines between personal spaces and corporate security. And this may be why, in a recent survey conducted by Hewlett-Packard’s Wolf Security Division, a surprising 30% of remote workers under the age of 24 who claim that they circumvent or ignore certain corporate security policies when they get in the way of getting work done.
How cyber resilience will reshape cybersecurity – TechRadar
- Businesses are operating in a world with myriad cybersecurity risks, but many are caught underprepared because they have not developed cyber resilience despite the headlines. The question, therefore, is how do businesses recognize resilience in cybersecurity?
- SushiSwap’s chief technology officer says a software supply chain attack has hit the company’s MISO platform. The report goes on to point out that an “anonymous contractor” with the GitHub handle AristoK3 and access to the project’s code repository had pushed a malicious code commit that was distributed on the platform’s front end.
- The investigation began after a Microsoft tweet concerning AsyncRAT. Researchers revealed a lengthy campaign against the aviation sector, starting with an analysis of a Trojan by Microsoft. The operator of the campaign reportedly used email spoofing to pretend to be legitimate organizations in these industries.
U.S. to Target Crypto-Ransomware Payments With Sanctions – The Wall Street Journal
- The Biden administration hopes to disrupt the digital finance infrastructure that facilitates ransomware cyberattacks, a national security threat traced to Russia. According to people familiar with the matter, sanctions are among an array of actions, making it harder for hackers to use digital currency to profit from ransomware attacks.
- The Federal Trade Commission (FTC) voted 3-2 Wednesday that a decade-old rule on health data breaches applies to apps that handle sensitive health information, warning these companies to comply. In addition, the FTC’s new policy statement will clarify the agency’s 2009 Health Breach Notification Rule.
FBI and CISA warn of state hackers exploiting critical Zoho bug – Bleeping Computer
- TODAY, the FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warned that state-backed advanced persistent threat (APT) groups are actively exploiting a critical flaw in a Zoho single sign-on and password management solution since early August 2021. Zoho’s customer list includes “three out of five Fortune 500 companies,” including Apple, Intel, Nike, PayPal, HBO, etc.
- Microsoft on Thursday published additional guidance on addressing recently disclosed vulnerabilities in the Open Management Infrastructure (OMI) framework, along with new protections to resolve the bugs within affected Azure Virtual Machine (V.M.) management extensions.
- Hackers linked to ransomware deployments used a recently discovered flaw to target application developers. Microsoft reports how it recently saw hackers exploiting a dangerous remote code execution vulnerability in Internet Explorer through rigged Office documents and targeted developers.
Customer Care Giant TTEC Hit By Ransomware – Krebs on Security
- TTEC, a company used by some of the world’s largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident resulting from a ransomware attack by Ragnar Locker an aggressive ransomware group.
Free REvil ransomware master decrypter released for past victims – Bleeping Computer
- A free master decryptor for the REvil ransomware operation has been released, allowing all victims encrypted before the gang disappeared to recover their files for free. Bitdefender created the REvil master decryptor in collaboration with a law enforcement partner.
- Shortly after Congress took action on a $1 trillion infrastructure bill, hackers posing as U.S. Researchers say that Transportation Department officials offered fake project bid opportunities to seduce companies into handing over Microsoft credentials.
Ransomware encrypts South Africa’s entire Dept of Justice network – Bleeping Computer
- The justice ministry of the South African government is working on restoring its operations after a recent ransomware attack encrypted all its systems, making all electronic services unavailable both internally and to the public.
In Case You Missed It
- IoT Devices: If You Connect It, Protect It – Amber Wolff
- The Halfway Point: How Cybercrime Has Impacted Government in 2021 – Amber Wolff
- Elevating SonicWall to the Cloud – Jayant Thakre
- How Cybercrime Impacted Education in 2021 – Amber Wolff
- From Sonic Systems to SonicWall: 30 Years of Cybersecurity Evolution – Amber Wolff
- The Top 12 Cybersecurity Books – Recommendations from SonicWall Leadership and Employees – Ray Wyman
- SonicWall Earns Another Perfect Score from ICSA Labs for Q2 — Amber Wolff
- SonicWall President and CEO Bill Conner Recognized on CRN’s 2021 Top 100 Executives List — SonicWall Staff
- Latest Cyber Threat Intelligence Shows Ransomware Skyrocketing – Amber Wolff
- SonicWall Fortifies Cloud Edge Secure Access with Device Compliance Check and Network Traffic Control – SonicWall Staff
- New SonicWall NSsp 13700 Firewall: Security for Large Enterprises – Ajay Uggirala
- SonicWall Announces Capture Labs Portal – SonicWall Staff