It been a big news week as conversations about the Mid-Year Update to the 2021 SonicWall Cyber Threat Report, the Boundless Cybersecurity Model, and the 30th Anniversary filled up pages. SonicWall got a big boost from a story about a new ransom disclosure bill when the co-sponsoring senators (Warren and Ross) mentioned data from the Threat Report in their press releases. In industry news, MIT designs a cybersecurity fire drill, “urgently needed rules” fail to impress and Facebook is crystal clear: outage was not a hack.
SonicWall in the News
U.S. Senators Warren and Ross have introduced legislation requiring ransomware victims to report payments within 48 hours of the transaction. Warren and Ross cited figures from SonicWall’s Mid-Year Update to the 2021 SonicWall Cyber Threat Report noting that ransomware attacks rose 62% worldwide between 2019 and 2020 and 158% in North America.
Be In Crypto (USA): The legislation proposes that victims of ransomware attacks in the U.S. file an incident report within 48 hours of payment. The bill’s co-sponsors used data from the Mid-Year Update to the SonicWall 2021 Cyber Threat Report.
BYTE (Spain): The article notes that 2021 has already been a record year for cybercrime, and there is still a quarter to go. The article describes the cybercrime landscape by citing data from SonicWall’s Mid-Year Update to the 2021 SonicWall Cyber Threat Report.
ChannelProNetwork (Blog): Citing 304.7 million ransomware attacks in the first half of 2021 as reported by the Mid-Year Update to the 2021 SonicWall Cyber Threat Report. The author describes methods for recovery from ransomware attacks.
VARIndia (India): The article includes commentary from SonicWall’s Debasish Mukherjee, VP Regional Sales, APAC, about SonicWall’s role in helping companies and organizations transition. Debasish comments that the current era of the ‘anytime, anywhere business’ is forever changing the shape of the I.T. and business landscape.
The Clinton Courier: The author describes significant trends for cybersecurity this year based on Mid-Year Update to the 2021 SonicWall Cyber Threat Report.
TechFeedThai (Thailand): SonicWall Solution Provider Cybersecurity for SMBs and Large Enterprises Celebrates 30 years since its inception in August 1991. The story also announces an offer by a regional SonicWall product distributor to perform threat assessments for local businesses.
ACE IT (blog): According to SonicWall, email remains a primary way people share information, with over 320 emails sent per day. In addition, the blog notes that through the massive shift to work-from-home, email became “the most extensive channel for all forms of phishing and ransomware attacks.”
MSP Insights: Noting that ransomware attacks are only becoming more prevalent, more dangerous, and more costly, the report cites ransomware attacks increased 158% in North America last year, from the Mid-Year Update to the 2021 SonicWall Cyber Threat Report.
vTechio Blog: Quoting SonicWall’s Mid-Year Update to the 2021 SonicWall Cyber Threat Report: the number of attacks eclipses 2020 global totals in just six months. With this data, the writers explain, it’s clear that cybercrime has reached a new and unsettling paradigm.
Packt: Promoting the Second Edition of a book, the publisher notes “32.7 million IoT attacks” from the Mid-Year Update to the 2021 SonicWall Cyber Threat Report as an example of the current threat landscape. They also note that malware leveraged during an IoT-related attack infects routers and can facilitate data theft.
Krebbs on Security: Earlier this week, Facebook (with Instagram, WhatsApp) suffered a massive outage that lasted almost seven hours. While many news organizations speculated that attackers hacked Facebook, Krebbs Report suggested “something inside Facebook” triggered a company-wide revocation of vital digital records that point computers and other devices to Facebook’s assigned resources. Reportedly, during the early part of the outage, employees on-premises could not use passcodes and electronic I.D. badges. Krebbs also speculated that the company’s Border Gateway Protocol (BGP) was affected. The BGP is a chunk of code that Internet Service Providers worldwide share for routing traffic through the complex array of Internet Protocol addresses. On Wednesday, details about the outage appeared to confirm reporting from Krebbs. Also, in the face of rising concerns about cybersecurity, Facebook is crystal clear that the hours-long outage had nothing to do with hackers.
Harvard Business Review: Preparing for the unexpected is much easier said than done. In the case of cyberattacks, many companies have vulnerabilities that they don’t know about. Many organizations can benefit from instituting fire drills and exercises that test a company’s response plan for a cybersecurity catastrophe. Drills can reveal gaps in security, response plans, and employees’ familiarity with their roles. Research for this article was supported by the Cybersecurity at MIT Sloan consortium and Boston Consulting Group.
ZDNet: Nozomi Networks and the SANS Institute released a survey that revealed companies had invested more in cybersecurity to protect industrial control systems (ICS). Of 480 responses, 47% reported that their cybersecurity budgets increased over the past two years, 32% said there had been no change, and 15% said they had at least one cybersecurity event in the last 12 months.
The Hill: A bipartisan bill was introduced in the U.S. Senate last Monday stipulating overhaul and improvement for federal cybersecurity policy. The legislation aims at the Federal Information Security Modernization Act, signed into law in 2014, and clarifies reporting requirements for federal agencies if hackers successfully target them.
Last July, the U.S. Transportation Security Administration issued “urgently needed” emergency rules to strengthen the cybersecurity of the nation’s most essential energy pipelines. The effort followed the Colonial Pipeline shut down earlier this year sparked massive fuel shortages and gasoline panic-buying. The regulations recognize that voluntary compliance is not working. However, according to industry officials and some analysts, TSA administrators wrote the new rules in such a way that implementing them could hamper pipeline reliability.
With greater complexity and interdependence among networked digital systems, attackers have even more opportunities to conduct widespread damage. The report identifies unsecured Internet of Things (IoT) devices as the “big hairy monster under the bed” while noting that, in many cases, the barriers to cybercrime are low.
In Case You Missed It
- The State of Cybersecurity Funding for State and Local Government – Ray Wyman
- CRN Recognizes Another Rising SonicWall Channel Star – Ray Wyman
- What is Cryptomining and how can it affect Cybersecurity? – Ray Wyman
- Living in the Wild West of the IoT – SonicWall Staff
- IoT Devices: If You Connect It, Protect It – Amber Wolff
- The Halfway Point: How Cybercrime Has Impacted Government in 2021 – Amber Wolff
- Elevating SonicWall to the Cloud – Jayant Thakre
- How Cybercrime Impacted Education in 2021 – Amber Wolff
- From Sonic Systems to SonicWall: 30 Years of Cybersecurity Evolution – Amber Wolff
- The Top 12 Cybersecurity Books – Recommendations from SonicWall Leadership and Employees – Ray Wyman
- SonicWall Earns Another Perfect Score from ICSA Labs for Q2 — Amber Wolff
- SonicWall President and CEO Bill Conner Recognized on CRN’s 2021 Top 100 Executives List — SonicWall Staff