Cybersecurity News & Trends

It been a big news week as conversations about the Mid-Year Update to the 2021 SonicWall Cyber Threat Report, the Boundless Cybersecurity Model, and the 30th Anniversary filled up pages. SonicWall got a big boost from a story about a new ransom disclosure bill when the co-sponsoring senators (Warren and Ross) mentioned data from the Threat Report in their press releases. In industry news, MIT designs a cybersecurity fire drill, “urgently needed rules” fail to impress and Facebook is crystal clear: outage was not a hack.


SonicWall in the News

New Bill Would Require Ransom Disclosure Within 48 Hours

U.S. Senators Warren and Ross have introduced legislation requiring ransomware victims to report payments within 48 hours of the transaction. Warren and Ross cited figures from SonicWall’s Mid-Year Update to the 2021 SonicWall Cyber Threat Report noting that ransomware attacks rose 62% worldwide between 2019 and 2020 and 158% in North America.

 

Warren Drafts’ Ransom Disclosure Act’ as Ransomware Attacks Increase

Be In Crypto (USA): The legislation proposes that victims of ransomware attacks in the U.S. file an incident report within 48 hours of payment. The bill’s co-sponsors used data from the Mid-Year Update to the SonicWall 2021 Cyber Threat Report.

 

In The Face of More Lethal Attacks, A New Cyberdefense.

BYTE (Spain): The article notes that 2021 has already been a record year for cybercrime, and there is still a quarter to go. The article describes the cybercrime landscape by citing data from SonicWall’s Mid-Year Update to the 2021 SonicWall Cyber Threat Report.

 

Egnyte Expands Ransomware Protection and Adds Ransomware Recovery

ChannelProNetwork (Blog): Citing 304.7 million ransomware attacks in the first half of 2021 as reported by the Mid-Year Update to the 2021 SonicWall Cyber Threat Report. The author describes methods for recovery from ransomware attacks.

 

SonicWall Is Geared Up with the Boundless Cybersecurity Model to Address the New Business Normal

VARIndia (India): The article includes commentary from SonicWall’s Debasish Mukherjee, VP Regional Sales, APAC, about SonicWall’s role in helping companies and organizations transition. Debasish comments that the current era of the ‘anytime, anywhere business’ is forever changing the shape of the I.T. and business landscape.

 

5 Key Cybersecurity Trends to Know, for 2021

The Clinton Courier: The author describes significant trends for cybersecurity this year based on Mid-Year Update to the 2021 SonicWall Cyber Threat Report.

 

Celebrating 30 years, SONICWALL, the leader in CYBERSECURITY

TechFeedThai (Thailand): SonicWall Solution Provider Cybersecurity for SMBs and Large Enterprises Celebrates 30 years since its inception in August 1991. The story also announces an offer by a regional SonicWall product distributor to perform threat assessments for local businesses.

 

Why Email is Your Biggest Cybersecurity Threat

ACE IT (blog): According to SonicWall, email remains a primary way people share information, with over 320 emails sent per day. In addition, the blog notes that through the massive shift to work-from-home, email became “the most extensive channel for all forms of phishing and ransomware attacks.”

 

MSPs: Ransomware Is Your Wake-Up Call to Deliver Non-Negotiable and Comprehensive Security

MSP Insights: Noting that ransomware attacks are only becoming more prevalent, more dangerous, and more costly, the report cites ransomware attacks increased 158% in North America last year, from the Mid-Year Update to the 2021 SonicWall Cyber Threat Report.

 

Cybersecurity Report: Record 304.7 million Ransomware Attacks

vTechio Blog: Quoting SonicWall’s Mid-Year Update to the 2021 SonicWall Cyber Threat Report: the number of attacks eclipses 2020 global totals in just six months. With this data, the writers explain, it’s clear that cybercrime has reached a new and unsettling paradigm.

 

Cybersecurity – Attack and Defense Strategies

Packt: Promoting the Second Edition of a book, the publisher notes “32.7 million IoT attacks” from the Mid-Year Update to the 2021 SonicWall Cyber Threat Report as an example of the current threat landscape. They also note that malware leveraged during an IoT-related attack infects routers and can facilitate data theft.


Industry News

What Happened to Facebook, Instagram, & WhatsApp?

Krebbs on Security: Earlier this week, Facebook (with Instagram, WhatsApp) suffered a massive outage that lasted almost seven hours. While many news organizations speculated that attackers hacked Facebook, Krebbs Report suggested “something inside Facebook” triggered a company-wide revocation of vital digital records that point computers and other devices to Facebook’s assigned resources. Reportedly, during the early part of the outage, employees on-premises could not use passcodes and electronic I.D. badges. Krebbs also speculated that the company’s Border Gateway Protocol (BGP) was affected. The BGP is a chunk of code that Internet Service Providers worldwide share for routing traffic through the complex array of Internet Protocol addresses. On Wednesday, details about the outage appeared to confirm reporting from Krebbs. Also, in the face of rising concerns about cybersecurity, Facebook is crystal clear that the hours-long outage had nothing to do with hackers.

 

Cyberattack Fire Drills: Is Your Company Prepared?

Harvard Business Review: Preparing for the unexpected is much easier said than done. In the case of cyberattacks, many companies have vulnerabilities that they don’t know about. Many organizations can benefit from instituting fire drills and exercises that test a company’s response plan for a cybersecurity catastrophe. Drills can reveal gaps in security, response plans, and employees’ familiarity with their roles. Research for this article was supported by the Cybersecurity at MIT Sloan consortium and Boston Consulting Group.

 

Cybersecurity Budgets for Industrial Control Systems and Operational Tech Increasing

ZDNet: Nozomi Networks and the SANS Institute released a survey that revealed companies had invested more in cybersecurity to protect industrial control systems (ICS). Of 480 responses, 47% reported that their cybersecurity budgets increased over the past two years, 32% said there had been no change, and 15% said they had at least one cybersecurity event in the last 12 months. 

 

Senators Introduce Bill to Strengthen Federal Cybersecurity After Attacks

The Hill: A bipartisan bill was introduced in the U.S. Senate last Monday stipulating overhaul and improvement for federal cybersecurity policy. The legislation aims at the Federal Information Security Modernization Act, signed into law in 2014, and clarifies reporting requirements for federal agencies if hackers successfully target them.

 

New’ Urgently Needed’ Cybersecurity Rules for Pipelines Draw Mixed Reviews

Last July, the U.S. Transportation Security Administration issued “urgently needed” emergency rules to strengthen the cybersecurity of the nation’s most essential energy pipelines. The effort followed the Colonial Pipeline shut down earlier this year sparked massive fuel shortages and gasoline panic-buying. The regulations recognize that voluntary compliance is not working. However, according to industry officials and some analysts, TSA administrators wrote the new rules in such a way that implementing them could hamper pipeline reliability.

 

Why Today’s Cybersecurity Threats Are More Dangerous

With greater complexity and interdependence among networked digital systems, attackers have even more opportunities to conduct widespread damage. The report identifies unsecured Internet of Things (IoT) devices as the “big hairy monster under the bed” while noting that, in many cases, the barriers to cybercrime are low.


In Case You Missed It

 

The State of Cybersecurity Funding for State and Local Government

Congress recognizes a national cybersecurity crisis. SonicWall has a plan to help state and local governments with proposals and procurement.

With dozens of high-profile cybersecurity attacks still fresh in everyone’s mind, U.S. Senate negotiators are hard at work to show taxpayers they can deliver a solution. The recent $1.2 trillion infrastructure proposal passed by the U.S. House of Representatives authorizes $2 billion in new cybersecurity programs, including a $1 billion grant program for cybersecurity initiatives especially set aside for state and local government.

The initiative is entirely understandable given the range and scope of threats facing Americans today. The ransomware attack last May on Colonial Pipeline offered a chilling view of one possible future. Policy-makers are anxious to avoid repeating an episode that triggered regional gasoline shortages and panic-buying that lasted several days.

However, the cyberattacks on business threw the covers off greater dangers that nearly all levels of government now face. In the widely cited and quoted Mid-Year Update to the 2021 SonicWall Cyber Threat Report, government agencies and departments experienced three times more attacks in the first half of 2021 than in all of 2020. By June of this year, federal, state and local governments saw 10 times more ransomware activity than business.

Congress Jumps into Cybersecurity

Given the magnitude of enormous threats from hacker gangs and state-sponsored teams, the move certainly made a lot of sense. But politics being politics, the proposal still must get through the House, where it faces a long road to approval.

Speaker of the House Nancy Pelosi and many members of the House have declared that they will vote on the measure after the Senate passes an even more ambitious $3.5 trillion social policy bill this fall. The process will likely place the infrastructure bill and the cybersecurity initiative on hold for months.

Before the infrastructure bill’s passing, the White House budget proposal for 2022 outlined $58.4 billion for IT funding, including $9.8 billion specified for cybersecurity initiatives for civilian agencies.

While the National Defense Authorization Act (NDAA) Conference Committee has not finalized defense-related budgeting for 2022, it does pick up from last year’s budget, which established the office of the National Cyber Director. In addition, it allows up to $6 billion in discretionary funding, which, according to some capitol observers, could find its way into state and local government IT projects, especially if the infrastructure bill stalls in Congress.

The American Rescue Plan

While the discussion about infrastructure captures all the attention, state and local governments have already started tapping into other funding sources to help shore up their cybersecurity. In March 2021, the American Rescue Plan Act (ARPA) was signed into law. Designed as a means to bridge funding gaps for state, local and tribal governments hammered by the COVID pandemic, the law provides $350 billion in total funding.

It is important to keep in mind that these funds do not come with specific guidelines. State and local government applicants may use this kind of funding for just about anything they want. For example, funds can be invested in water, sewer or their IT security infrastructure.

According to an assessment on ARPA funding by the Brookings Institute, “funding for state and local governments appears to be incredibly flexible, and therefore even more supportive of innovative recovery solutions.”

These funds will be disbursed over the next three years, with many state, municipal and county agencies applying the funds to bridge budget gaps caused by revenue shortfalls during COVID-19. Meanwhile, the anecdotes are filtering in, emphasizing the nightmare scenarios of a security breach because of outdated firewalls and software.

Some funding will go to IT security. But, of course, the question will be how much is enough for the interim until bigger and deeper funding resources are made available.

SonicWall Has a Plan

SonicWall has a long history of working with federal, state, local governments and agencies. SonicWall understands the complexities of the network and how each user in a department may require specific user access. The SonicWall Boundless Cybersecurity model provides the performance and security that allows each agency the elasticity needed in today’s new normal.

SonicWall also bring solutions for hyper-distributed networks, where everyone is remote, mobile, and potentially unsecure, along with the traditional campus cybersecurity network needs.

In addition, the Boundless Cybersecurity model offers seamless protection against the most evasive and crippling cyberattacks like ransomware, IoT, encrypted threats and malware.

SonicWall works closely with all parties to help decipher the often-complicated procurement rules and sort out funding guidelines. We’re out there, in the field, assisting city, county and state agencies; we can share best practices when it comes to assessing the procurement process, right down to grant-writing.

In addition, SonicWall works closely with government procurement, and IT teams to determine their risk profile and build out a security solution for their current and future needs.

We’ve learned a lot throughout the years; below are some best practices and unique considerations:

  1. Recognize and address your increased cybersecurity risks from all aspects of your network. SonicWall can help you uncover hidden dangers with high-level analytics and reporting.
  2. Create and maintain robust data policies and procedures. Network management and policy management tools are built into SonicWall Network Security Manager. NSM gives IT teams the power to govern centrally, meet compliance rules and regulations, and manage risks as they emerge.
  3. Seek automated real-time breach detection and prevention. SonicWall offers automated TLS inspection, patented Real-Time Deep Memory Inspection (RTDMI), Reassembly-Free Deep Packet Inspection (RFDPI) and Capture ATP cloud-based multi-engine sandboxing. Alternatively, we also provide Capture Security Appliance (CSA) on-premises advanced threat detection and Cloud App Security for Office 365 and G Suite applications.
  4. Plan a layered approach to cybersecurity. For example, SonicWall solutions offer ‘end-to-end’ layers of protection, detection and inspection. Our portfolio provides firewalls, switches, secure mobile access, Wi-Fi, email security, cloud application security, endpoint security and control — all orchestrated within a consolidated Network Security Manager through a single pane of glass.
  5. Get everyone on board. The best cybersecurity implementation starts with total buy-in from everyone in the organization. Your network security is strengthened when everyone complies with security measures and recognizes that their security depends on their actions and behavior.
  6. Demand the correct certifications from your vendors. SonicWall meets S. federal governmental certification and interoperability requirements, e.g., NIST, FIPS 140-2, CSfC, Common Criteria, DoDIN APL, USGv6 and NSA CNSA Suite B.

Our goal is to help governments dive into the work of protecting public assets and communities with Boundless Cybersecurity. For more information, visit www.sonicwall.com.

Be Cyber Smart and Lock It Down

Four Actions to help step-up your cybersecurity

You are not paranoid; cybercriminals really are trying to hack your security and steal your information.

The proof is in the numbers. According to the widely quoted Mid-Year Update for the 2021 SonicWall Cyber Threat Report, ransomware attacks rose to 304.6 million in 2020, up 62% over 2019. Some of the increase occurred as more of the U.S. workforce started working from home due to the pandemic. There were also 226.3 million ransomware attacks through May of this year, up 116% year to date over last year.

Some people may choose to ignore the advice and throw caution to the wind. If they’re lucky, it’ll be a minor inconvenience, and their anti-virus software will stop the malware before it can cause serious damage. However, if they’re among the growing thousands of victims each year, hackers will force them to pay a ransom for their precious data or steal their identity or worse.

And you wonder, what could be worse?

One hack of a single individual can lead to a cascade of hacks and much larger problems. For instance, hackers can break into your personal computer without you knowing it, add malware to one of your devices that unpacks wherever you go, bypassing firewalls and other security, straight into your home network, friend’s home, the library, and your workplace.

We all could stand to be a little more careful. A “cybersecure mindset” protects you, your devices, and your data and everywhere you connect your devices. So, when we say, “Be Cyber Smart and Lock It Down,” what we mean is taking personal responsibility for not only how you connect but also actions you take to keep yourself secure.

Here are FOUR ACTIONS that everyone can use to help step up:

1. PROTECT yourself.

Start with passwords: lockdown your devices, software and information with strong passwords that protect you from becoming an easy hack. There are some basic rules for good passwords. The first is the length – a minimum of 12 characters, with a mix of uppercase and lowercase letters. You should also have numbers and symbols (ex: @ # $). Check with your platform; they may have specific requirements like the length and number, and type of symbols. One very important rule: ensure that your password is unique. Avoid obvious hooks, like your address, recognizable names, dates, and phone numbers. Avoid any information that someone may learn by reading your social media profiles. The second is: USE YOUR PASSWORDS and turn on two-step verification wherever you can.

2. PROTECT your personal identification.

Privacy is a matter of personal choice. We want to open some things for the sake of convenience (shopping and health apps, for instance). However, the privacy settings you set on your devices and apps could also open you up to hacks. Being “smart” about your cybersecurity means knowing how hackers attack devices and steal information from open apps. Security experts recommend that you set your privacy settings based on actual need for specific tasks. For instance, change your privacy settings when conditions change, like when traveling or using public networks (e.g., coffee shop Wi-Fi, more on that later).

3. PROTECT your data.

Maybe it seems obvious, but your data (photos, reports, accounting, proprietary documents) are your most vulnerable possessions. We also want to take extra care of our social security numbers, bank accounts, and credit card numbers. And all of that is at risk when we leave it in open apps (no password) or send it on unencrypted emails. So please keep it safe and LOCK IT DOWN! And be very wary of phishing campaigns. Hackers use any means they can to break into your devices and network. For example, they’ll spoof organizations you trust, friends, family members, co-workers, or even your boss. Phishing messages can come by email or phone text. Some of these messages look very authentic. We’ll go into more detail about how to detect phishing messages in another post, but you can make a personal policy to never share private information via email or text with anyone.

4. PROTECT your devices.

If you didn’t know already, public Wi-Fi hotspots are not secure. Unfortunately, that means the public hotspots at your favorite coffee shop, restaurants, shopping malls, libraries, and especially airports. With minimal knowledge and equipment, hackers can scan unencrypted data streams that contain passwords and account information that you send and receive. Several years ago, scammers took it further and created elaborate spoof Wi-Fi networks with name and branding marks similar to what people expected. However, there are several things you can do to lock it down:

  • Turn off the Wi-Fi auto-connect feature on your devices. Turn it back on when you need it and choose the networks you want to use.
  • Use secure wireless networks that have WPA or WPA2 password protection. Unfortunately, these are uncommon for places like the local coffee shop or the airport, so they may be challenging to find.
  • Install mobile security software with malware and virus detection for laptops, pads, and phones. You may also install a VPN (a virtual private network) that encrypts your data stream even if the Wi-Fi network does not.

SonicWall joined the Cybersecurity and Infrastructure Security Agency (CISA) this month to help raise awareness during Cybersecurity Awareness Month on how we can all do better to prevent hacks. That means adopting a ‘cybersecure mindset’ to protect our homes, communities and our workplaces. Being aware is not being paranoid; it recognizes that cybercriminals really are trying to hack our security and steal our information.

#BeCyberSmart

Cybersecurity News & Trends

SonicWall’s Mid-Year Update to the 2021 SonicWall Cyber Threat Report comes back into the news cycle, and Terry Greer-King, VP of EMEA Sales at SonicWall, describes how AI-powered cybersecurity is setting the pace as threats evolve in real-time. In industry news, China bans crypto trading in the latest sign of growing frustration with the crypto community, and more hackers turn to cryptojacking to expand their enterprises. Then, there’s an ongoing struggle to hire cybersecurity personnel for governments, Neiman-Marcus customer database is breached, $311 million awarded for IT and cybersecurity, and Yahoo builds a culture. And separately, October is Cybersecurity Awareness Month – #BeCyberSmart


SonicWall in the News

Cybersecurity – Attack and Defense Strategies

Packt: Promoting the Second Edition of a book, the publisher notes “32.7 million IoT attacks” from the Mid-Year Update to the 2021 SonicWall Cyber Threat Report as an example of the current threat landscape. They also note that malware leveraged during an IoT-related attack infects routers and can facilitate data theft.

 

Ransomware-as-a-Service: Handy Services for your Friendly Neighborhood Cybercriminals

OneLogin: Did you know that cybercriminals can pay for a service to spread and manage ransomware attacks? Well, they can. And, in fact, it is called Ransomware-as-a-Service (RaaS). According to the Mid-Year Update to the 2021 SonicWall Cyber Threat Report, 304.7 million ransomware attempted attacks in the first six months of 2021.

 

The Top Ransomware Threats Aren’t Who You Think

Threat Post: Move over REvil, Ragnar Locker, BlackMatter, Conti et al.: Three lesser-known gangs account for the vast majority of ransomware attacks in the US and globally. The report mentions the Mid-Year Update to the 2021 SonicWall Cyber Threat Report as the source for a list of emerging ransomware threats in the first half of 2021.

 

Cryptocurrencies and telecommuting: fertile ground for cybercrime

Digis MAK: Ransomware threats to supply chains have rapidly escalated the list of concerns for businesses and governments in the wake of the pandemic. The story cites the Mid-Year Update to the 2021 SonicWall Cyber Threat Report, mentioning that in the first six months of this year, the security firm SonicWall recorded a volume of 304 million attacks, a number never seen before.

 

AI-powered cyber-security leads the pack

TEISS (UK): Terry Greer-King at SonicWall describes how AI-powered cyber-security is setting the pace as threats evolve in real-time. With a record-breaking year for ransomware, AI-powered cybersecurity could come at no better time. Citing the Mid-Year Update to the 2021 SonicWall Cyber Threat Report, the story mentions that in the first half of 2021, ransomware attacks skyrocketed to 304.7 million, smashing 2020’s total number of attacks (304.6 million) in just six months — a 151% year-over-year increase.

 

Ransomware victims need to warn of attack? Who investigates? 

Play Crazy Game (Brazil): Cyberattacks reached a record in the first half of 2021 worldwide. Brazil is the 5th biggest threat target, citing 9 million attempted attacks from the Mid-Year Update to the 2021 SonicWall Cyber Threat Report.


Industry News

China’s Regulators Ban Crypto Trading and Mining, Sending Bitcoin Tumbling

Reuters: Late last week, a new headline reverberated through the global cryptocurrency community: China declared all cryptocurrency transactions illegal. As the story gained steam, Bitcoin (BTC) and other cryptocurrencies fell sharply in trading. However, they then quickly recovered even as Chinese brokers like Huobi Global ceased account registrations for new users from mainland China. But the story does not end there. The US Department of Treasury previously announced strict sanctions against cryptocurrency exchange SUEX to allow ransomware transactions. While the two actions do not appear to be coordinated, they reveal growing frustration among governments over the lack of centralized controls and rules for cryptocurrency trades. According to the Treasury Department, ransomware payments in 2020 topped $400 million worldwide, more than four times their level in 2019. Thanks to hackers, the world of cryptocurrency – which savors its independence from regulation – will feel increasing pressure to regulate or face more actions such as those witnessed by China and the US.

 

States at a disadvantage in the race to recruit cybersecurity pros

Associated Press: Hiring people with strong cybersecurity skills into government security programs is difficult when the best that some agencies can offer are unpaid internships as a part of their candidate recruitment programs. Employment agencies working in the field estimate that state and local governments need to fill 9,000 cybersecurity jobs, with the footnote that the actual need total is probably much higher. The Department of Homeland Security recently acknowledged 2,000 job vacancies in newly formed cybersecurity task forces. The story from AP notes that salaries from government agency positions are often significantly lower than what is offered in the private sector.

 

Why Cryptomining Malware Is a Harbinger of Future Attacks

Dark Reading: With cryptocurrency values soaring, more and more organized hackers are jumping into cryptojacking to increase cashflows. They still rely on the same methods of injecting malware into victims’ networks and computers, but the risk of getting caught is very low. Many cryptojackers rely on behavior: most of their victims usually do not notice the installation of their tiny payload of malware, let alone the CPU cycles that are siphoned off to engage cryptomining. In addition, the effort to maintain the hack is far less risky for the hacker than ransomware or other types of breaches. The opinion here conforms with different views – as cryptocurrency valuation rises, the number of cryptojackers will also rise.

 

Cybersecurity Breach Affects More Than 4 Million Neiman Marcus Customers

CBS Dallas: Neiman Marcus Group, based in Dallas, TX, said in a news release that a security breach exposed personal information from 4.6 million customers, including contact details, payment card numbers, gift card numbers, usernames and passwords.

 

Four agencies win $311M to Modernize IT, Cybersecurity

Federal News Network: The first tranche of cybersecurity modernization awards worth about $311 million was awarded to four agencies for six projects. Funding is from the $1 billion that Congress specified in the Technology Modernization Fund earlier this year.

 

How Yahoo Built a Culture of Cybersecurity

Harvard Business Review: Yahoo studied employee responses to simulations to better understand how to make them take cybersecurity seriously. To make meaningful change, managers should take three key steps:

  1. They must identify critical employee behaviors.
  2. Managers must measure behaviors transparently.
  3. Managers must use awareness to explain why something is important.

Telling your employees that they should do something isn’t enough to inspire meaningful change. Just ask anyone who has ever watched a cybersecurity awareness video. While the videos do a good job of instructing employees to be mindful of data security, the videos seldom lead to a wholesale change in behavior. This article relates closely with another from HBR: Cyberattacks are Inevitable. Is Your Company Prepared?


In Case You Missed It