Cybersecurity News & Trends Blog Cover

Cybersecurity News & Trends – 10-22-21

By

The news outlets are back to quoting the Mid-Year Update to the 2021 SonicWall Cyber Threat Report, with a big hit in Germany in Handelsblatt, a major news outlet. In industry news, analysts debate the significance of “killware,” hackers are stealing telecom records, hosting admins sentenced with RICO charges, Dark Web goes darker, Macs are still safer, and beware of YouTube trojans.


SonicWall in the News

The invisible war – how global hacker gangs threaten our security and prosperity

Handelsblatt (Germany): An outstanding article in one of Germany’s most important daily newspapers mentions SonicWall as an expert in cybersecurity and quotes the 2021 Cyber Threat Report Mid-Year Update. The authors cite several vital stats from the report to explain the rise of various threats that have weakened cybersecurity throughout the world. The article appeared online and in the print issue of the publication.

SonicWall’ Returns Choice’ To Customers by Securing Different Network Environments

Security Brief (Asia): SonicWall has declared that organizations should no longer change how they operate to secure their networks, devices and people, prompting the company to bring ‘customer choice’ back into its range of cybersecurity solutions.

Protect any network combination

LANline (Germany): This article picked up SonicWall’s media alert on protecting virtual, hybrid, cloud-based and local systems with SonicWall.

SonicWall Webinar: Can small companies and branches survive the crisis?

Infopoint Security (Germany): This article promotes a SonicWall webinar that shows how small businesses can best protect themselves during the “crisis” of increased cyberattacks.

Could your company recover from a ransomware attack?

BizJournals (U.S.): Citing SonicWall’s mid-year update on the 2021 Cyber Threat Report, the author notes the sharp rise in ransomware attacks in North America as a reason for companies to create contingency plans.

How to Create a Relevant Cybersecurity Strategy

Accounting Web (U.S.): Using SonicWall’s Mid-Year Update on the 2021 Cyber Threat Report, the author illustrates the sharp rise in cybersecurity attacks. The article is mostly about how CPAs and other accounting professionals play a crucial role in protecting financial data. However, the author also provides an overview of the most common cyberattacks, such as malware and phishing, and offers tips on making sure your organization has the proper protections in place.

‘Clumsy’ BlackByte Malware Reuses Crypto Keys, Worms into Networks

Dark Reading (U.S.): A unique malware named “BlackByte” was discovered during a recent incident response engagement. The malware reportedly avoids Russian computers and uses a single symmetric key for encrypting every compromised system. Additionally, the report cites SonicWall’s “Cyber Threat Report: Mid-Year Update” and notes that the number of ransomware attacks in the first half of the year rose 150% to almost 305 million.

The Ransom Disclosure Act Proposed — Gives 48 Hours to Report Ransom Payments

LinkedIn Pulse: Citing Ransom Disclosure Act legislation proposed in the U.S. Senate, the author offers “hard-numbers perspective” of data from the Mid-Year Update on the 2021 SonicWall Cyber Threat Report, ransomware attacks surged a staggering 304.7 million attempted ransomware attacks within SonicWall Capture Labs’ Capture Threat Network, which monitors and collects information from global devices.


Industry News

DHS Secretary: “Killware” Malware Designed to Do Real-World Harm

CPO Magazine: This article opens with comments made by U.S. Department of Homeland Security Alejandro Mayorkas where he asserts that “killware is poised to be world’s next breakout cybersecurity threat.” The reference is on recent attacks on water treatment plants and hospitals where hackers could – in theory – trigger events that may harm or kill people. Mayorkas’ claim appears to be backed up by research from Gartner that projects that threat actors will be weaponizing operational environments to harm and kill people within the next four years. While the danger is real, other analysts believe that the “hype is bigger than the threat, for now.” While the attacks on SolarWinds and the Colonial Pipeline are very worrisome, and the recent attempted attack on a water treatment plant in Florida is alarming to the extreme, they are not necessarily harbingers of imminent danger. Since nearly all cybercrime is motivated by profit, we need to define… “exactly when a given cyberattack moves from being a purely criminal matter to a national security threat,” said one analyst. “If cyberattacks, especially those perpetrated across international boundaries, regularly cause bodily harm or loss of life, they will receive treatment as a threat to national security.”

Cybercrime Group Hacking Telecoms to Steal Phone Records

Gizmodo: A new report shows that a particular hacker group, believed to be based in China, has been targeting telecommunication companies all over the world. The report, which goes into a significant amount of detail, shows that the hackers behind the campaign have managed to infiltrate 13 different global telecoms in the span of just two years. Reuters reports that this has included exfiltrating “calling records and text messages” directly from carriers.

Hosting Administrators Sentenced for Helping Cybercrime Gangs

Bleeping Computer: Two Eastern European men were sentenced to prison on Racketeer Influenced Corrupt Organization (RICO) charges for bulletproof hosting services used by multiple cybercrime operations to target U.S. organizations. They provided cybercrime-affiliated clients with the infrastructure needed to host exploit kits and run malicious campaigns distributing spam emails and malware for roughly seven years, between 2008 and 2015.

The Dark Web Goes Darker and Busier

TechSpot News: Cybercrime services cost less than $500, and stolen data now spreads 11 times faster than it did six years ago, according to a recent study by BitGlass. Why this matters: The dark web is not only alive and kicking, and it’s growing more dangerous than ever.

Cybersecurity Offers Jobs, High Wages — If Enough People Can Be Trained

Argus Leader: As people consider careers or new options in work, high-paying jobs in traditional fields like health may come to mind, but one industry is prospering from protecting the data of others. Cybersecurity, the protection of computer systems and networks, is emerging as a promising industry with more than enough jobs. The issue? There aren’t enough faculty to train people to fill that work.

Macs Still Targeted Mostly with Adware, Less with Malware

Dark Reading: For people who rely on Macs, the news is a little better. An ongoing study of vulnerabilities, the top 10 categories of digital threats on macOS are all adware programs, with only a sliver of the share of victims affected by actual malware. Apple Macs are not immune to malicious attacks. Still, outside of some significant nation-state efforts, new research shows that bad actors continue to use adware as the method of choice to make money from infecting the macOS operating system.

Massive Campaign Uses YouTube to Push Password-Stealing Malware

Tech Times: Widespread malware campaigns are creating YouTube videos to distribute password-stealing trojans to unsuspecting viewers. Initially reported by Bleeping Computer, video descriptions may contain links that lead to password-stealing trojan malware. These infections quietly run on a computer while stealing passwords, screenshots of active windows, cookies, credit cards stored in browsers, FTP credentials, and arbitrary files decided by the threat actors. When installed, the malware will communicate with a Command & Control server, where it waits for commands to execute by the attacker, which could entail the running of additional malware. According to this report, the best way to avoid the attack is not to click links in the video description.


In Case You Missed It

 

SonicWall Staff