SonicWall’s Mid-Year Update to the 2021 SonicWall Cyber Threat Report comes back into the news cycle, and Terry Greer-King, VP of EMEA Sales at SonicWall, describes how AI-powered cybersecurity is setting the pace as threats evolve in real-time. In industry news, China bans crypto trading in the latest sign of growing frustration with the crypto community, and more hackers turn to cryptojacking to expand their enterprises. Then, there’s an ongoing struggle to hire cybersecurity personnel for governments, Neiman-Marcus customer database is breached, $311 million awarded for IT and cybersecurity, and Yahoo builds a culture. And separately, October is Cybersecurity Awareness Month – #BeCyberSmart
SonicWall in the News
Packt: Promoting the Second Edition of a book, the publisher notes “32.7 million IoT attacks” from the Mid-Year Update to the 2021 SonicWall Cyber Threat Report as an example of the current threat landscape. They also note that malware leveraged during an IoT-related attack infects routers and can facilitate data theft.
OneLogin: Did you know that cybercriminals can pay for a service to spread and manage ransomware attacks? Well, they can. And, in fact, it is called Ransomware-as-a-Service (RaaS). According to the Mid-Year Update to the 2021 SonicWall Cyber Threat Report, 304.7 million ransomware attempted attacks in the first six months of 2021.
Threat Post: Move over REvil, Ragnar Locker, BlackMatter, Conti et al.: Three lesser-known gangs account for the vast majority of ransomware attacks in the US and globally. The report mentions the Mid-Year Update to the 2021 SonicWall Cyber Threat Report as the source for a list of emerging ransomware threats in the first half of 2021.
Digis MAK: Ransomware threats to supply chains have rapidly escalated the list of concerns for businesses and governments in the wake of the pandemic. The story cites the Mid-Year Update to the 2021 SonicWall Cyber Threat Report, mentioning that in the first six months of this year, the security firm SonicWall recorded a volume of 304 million attacks, a number never seen before.
TEISS (UK): Terry Greer-King at SonicWall describes how AI-powered cyber-security is setting the pace as threats evolve in real-time. With a record-breaking year for ransomware, AI-powered cybersecurity could come at no better time. Citing the Mid-Year Update to the 2021 SonicWall Cyber Threat Report, the story mentions that in the first half of 2021, ransomware attacks skyrocketed to 304.7 million, smashing 2020’s total number of attacks (304.6 million) in just six months — a 151% year-over-year increase.
Play Crazy Game (Brazil): Cyberattacks reached a record in the first half of 2021 worldwide. Brazil is the 5th biggest threat target, citing 9 million attempted attacks from the Mid-Year Update to the 2021 SonicWall Cyber Threat Report.
Reuters: Late last week, a new headline reverberated through the global cryptocurrency community: China declared all cryptocurrency transactions illegal. As the story gained steam, Bitcoin (BTC) and other cryptocurrencies fell sharply in trading. However, they then quickly recovered even as Chinese brokers like Huobi Global ceased account registrations for new users from mainland China. But the story does not end there. The US Department of Treasury previously announced strict sanctions against cryptocurrency exchange SUEX to allow ransomware transactions. While the two actions do not appear to be coordinated, they reveal growing frustration among governments over the lack of centralized controls and rules for cryptocurrency trades. According to the Treasury Department, ransomware payments in 2020 topped $400 million worldwide, more than four times their level in 2019. Thanks to hackers, the world of cryptocurrency – which savors its independence from regulation – will feel increasing pressure to regulate or face more actions such as those witnessed by China and the US.
Associated Press: Hiring people with strong cybersecurity skills into government security programs is difficult when the best that some agencies can offer are unpaid internships as a part of their candidate recruitment programs. Employment agencies working in the field estimate that state and local governments need to fill 9,000 cybersecurity jobs, with the footnote that the actual need total is probably much higher. The Department of Homeland Security recently acknowledged 2,000 job vacancies in newly formed cybersecurity task forces. The story from AP notes that salaries from government agency positions are often significantly lower than what is offered in the private sector.
Dark Reading: With cryptocurrency values soaring, more and more organized hackers are jumping into cryptojacking to increase cashflows. They still rely on the same methods of injecting malware into victims’ networks and computers, but the risk of getting caught is very low. Many cryptojackers rely on behavior: most of their victims usually do not notice the installation of their tiny payload of malware, let alone the CPU cycles that are siphoned off to engage cryptomining. In addition, the effort to maintain the hack is far less risky for the hacker than ransomware or other types of breaches. The opinion here conforms with different views – as cryptocurrency valuation rises, the number of cryptojackers will also rise.
CBS Dallas: Neiman Marcus Group, based in Dallas, TX, said in a news release that a security breach exposed personal information from 4.6 million customers, including contact details, payment card numbers, gift card numbers, usernames and passwords.
Federal News Network: The first tranche of cybersecurity modernization awards worth about $311 million was awarded to four agencies for six projects. Funding is from the $1 billion that Congress specified in the Technology Modernization Fund earlier this year.
Harvard Business Review: Yahoo studied employee responses to simulations to better understand how to make them take cybersecurity seriously. To make meaningful change, managers should take three key steps:
- They must identify critical employee behaviors.
- Managers must measure behaviors transparently.
- Managers must use awareness to explain why something is important.
Telling your employees that they should do something isn’t enough to inspire meaningful change. Just ask anyone who has ever watched a cybersecurity awareness video. While the videos do a good job of instructing employees to be mindful of data security, the videos seldom lead to a wholesale change in behavior. This article relates closely with another from HBR: Cyberattacks are Inevitable. Is Your Company Prepared?
In Case You Missed It
- CRN Recognizes Another Rising SonicWall Channel Star – Ray Wyman
- What is Cryptomining and how can it affect Cybersecurity? – Ray Wyman
- Living in the Wild West of the IoT – SonicWall Staff
- IoT Devices: If You Connect It, Protect It – Amber Wolff
- The Halfway Point: How Cybercrime Has Impacted Government in 2021 – Amber Wolff
- Elevating SonicWall to the Cloud – Jayant Thakre
- How Cybercrime Impacted Education in 2021 – Amber Wolff
- From Sonic Systems to SonicWall: 30 Years of Cybersecurity Evolution – Amber Wolff
- The Top 12 Cybersecurity Books – Recommendations from SonicWall Leadership and Employees – Ray Wyman
- SonicWall Earns Another Perfect Score from ICSA Labs for Q2 — Amber Wolff
- SonicWall President and CEO Bill Conner Recognized on CRN’s 2021 Top 100 Executives List — SonicWall Staff
- Latest Cyber Threat Intelligence Shows Ransomware Skyrocketing – Amber Wolff