Cybersecurity is Infrastructure

With the Infrastructure Investment and Jobs Act’s passing, state and local governments move to secure themselves against rampant cyberattacks.

When President Joe Biden signed into law the $1.2 trillion Infrastructure Investment and Jobs Act’s in November 2021, we saw a celebration of bipartisanship that emphasized the importance of the legislation. The bill’s journey to passage drew on support from both Democrats and Republicans to create jobs across the country by dispersing billions of dollars to state and local governments to help amend decades of neglect.

The bill specifically targets the country’s crumbling bridges, tunnels, roads and railways. In addition, it expands broadband internet access to millions of Americans, and it gives state and local governments the means to enhance and expand local cybersecurity.

Why worry about cybersecurity?

Although cybersecurity has always been a part of all-things-internet, the recent massive rise in malware and other threats has forced the whole world to sharpen its attention on cybersecurity in ways we never thought necessary.

In the first half of 2020, there were 4.4 million attacks against government customers. However, as reported in the mid-year update to the 2021 SonicWall Cyber Threat Report, during the same period in 2021, that number rose to 44.6 million — a staggering 917% increase and the most significant jump of any industry examined by SonicWall. 

In SonicWall’s follow-up report, The Year of Ransomware, the attacks showed no sign of slowing. After posting a groundbreaking high in June, the third quarter saw 190.4 million ransomware attempts, the highest ever recorded in a single quarter by SonicWall. In contrast, there were 195.7 million total ransomware attempts logged during the first three quarters of 2020.

What’s does the infrastructure bill do for cybersecurity?

The $1.2 trillion Infrastructure Investment and Jobs Act allocates about $2 billion for cybersecurity. About half of that amount is set aside for the State, Local, Tribal and Territorial (SLTT) Cyber Grant Program and distributed over four years.

The Department of Homeland Security (DHS) will administrate funding. Therefore, SLTTs will need to present comprehensive plans that fully and accurately describe new resource procurement, implementation and management to access the funding. As written, the bill provides $200 million in 2022, $400 million in 2023, $300 million in 2024, and $100 million in 2025.

How does the infrastructure bill specify what qualifies as cybersecurity?

The Infrastructure Investment and Jobs Act’s language offers a much-needed definition for state and local governments on the types of investments they are expected to make. But, more than likely, DHS will provide additional compliances and rules as a condition for funding.

Specifically, the bill identifies firewalls (on-prem and virtual), secure mobile access (on-prem and virtual) and advanced software that provides endpoint threat detection and response. That means funding rules will probably focus on technology that offers operational capability or services, including computer hardware, software and related assets that enhance operators’ ability to protect themselves against threats.

What kind of broadband spending does it offer?

The legislation identifies $42.45 billion for an initiative called “Broadband Equity, Access, and Deployment.” This portion of cyber activity will expand grants available to underserved communities. The Assistant Secretary of Commerce for Communications and Information will soon announce funding details.

Still, this funding is expected to touch on local cybersecurity considerations as expansion will likely involve wireless communication and participation from local utilities (e.g., mobile, broadband).

How SonicWall Fits into the Plan

While the Infrastructure Investment and Jobs Act identifies security technology like firewalls, secure mobile access and endpoint threat protection software, it doesn’t specify performance metrics to help state and local governments target their plans more precisely. Additionally, we won’t have funding specifics from managing agencies until early next year.

In the meantime, state and local governments are already forming their procurement teams. Some are preparing themselves by establishing early partnerships with the cybersecurity industry to identify technology and best practices for managing local networks.

Among the many considerations:

  • Recognize and address the increased cybersecurity risks from all aspects of your network. SonicWall helps you uncover hidden dangers with high-level analytics and reporting.
  • Create and maintain robust data policies and procedures. Network management and policy management tools are built into SonicWall Network Security Manager. NSM gives IT teams the power to govern centrally, meet compliance rules and regulations, and manage risks as they emerge.
  • Look for automated real-time breach detection and prevention. SonicWall offers automated TLS inspection, patented Real-Time Deep Memory Inspection (RTDMI), Reassembly-Free Deep Packet Inspection (RFDPI) and Capture ATP cloud-based multi-engine sandboxing. Networks gain added security and resilience with Capture Security Appliance (CSA) on-premises advanced threat detection and Cloud App Security for Office 365 and G Suite applications.
  • Seek out proven efficacy and innovation. Technological efficiency will be a significant consideration for funding since the kinds and variations of threats are constantly changing. SonicWall’s latest threat data included a report of a 73% increase in unique malware variants. The company’s patented technology uncovered this significant data point.
  • Plan a layered approach to cybersecurity. For example, SonicWall solutions offer ‘end-to-end’ layers of protection, detection and inspection. Our portfolio provides firewallsswitchessecure mobile accessWi-Fiemail securitycloud application security, endpoint security and control — all orchestrated within a consolidated Network Security Manager through a single pane of glass.
  • Build organizational consensus and ownership. The best cybersecurity implementation starts with total buy-in from everyone in the organization. Your network security is strengthened when everyone complies with security measures you’ve chosen to help keep your network and digital assets safe from hackers.
  • Demand the correct certifications from your vendors. SonicWall meets federal governmental certification and interoperability requirements (e.g., NIST, FIPS 140-2, CSfC, Common Criteria, DoDIN APL, USGv6 and NSA CNSA Suite B.)

Cybersecurity News & Trends

SonicWall’s widely quoted threat reports (The Year of Ransomware and Mid-Year Update to the 2021 Cyber Threat Report) are still attracting US and European journalists and editors. This week, SonicWall scored another big hit with a report from Wall Street Journal. In industry news, the previously mentioned article in Wall Street Journal reports on the possible extradition of a Russian entrepreneur to the US. Meanwhile, US Government cybersecurity initiatives lean hard on partnerships with corporations and academia, banking regulators push hard on banks to report breaches quickly, the US House approves an additional $500 million for cybersecurity funding, and insurance companies run away.

SonicWall in the News

US Accuses Russian of Money Laundering for Ryuk Ransomware Gang

Wall Street Journal (US): A Moscow entrepreneur was detained during a vacation abroad this month and is now facing extradition to the US on charges that he helped a notorious Russian ransomware group launder payments. Denis Dubnikov, a Russian citizen, was expelled from Mexico and placed on a plane to Amsterdam, where Dutch police arrested him on Nov. 2 on a US charge of conspiracy to commit money laundering, according to his lawyer Arkady Bukh. Dubnikov, 29 years old, is being sought to stand trial as part of a Federal Bureau of Investigation investigation of Ryuk, which was linked to one-third of all US ransomware attacks in 2020, according to cybersecurity firm SonicWall.

Cryptojacking – A Poison For Latin America’s Digital Economy

Intelligent CIO (Brazil): Arley Brogiato, Sales Director, SonicWall Latin America, explains the risk of cryptojacking in the region. Like a pest that silently gnaws at corporate IT, cryptojacking does unnoticed, unconfronted and unresolved damage. This expression comes from the word ‘crypto,’ from cryptocurrencies and ‘jacking,’ which refers to something used illegally.

Sonicwall: ‘Largest Platform Evolution In Company History’ Unifies Cloud, Virtual & Hardware Portfolio

Scoop Sci-Tec (Singapore): SonicWall today announced the latest additions of its Generation 7 cybersecurity evolution, the largest in the company’s 30-year history. Driven by this innovation, SonicWall unifies cloud, virtual and hardware offerings across a single and fully integrated cloud-powered platform.

Toronto Transit Commission Still Recovering from Ransomware Attack

IT World (Canada): IT staff at the Toronto Transit Commission (TTC) are still dealing with the effects of a ransomware attack that was detected just as the weekend started. In a report released Friday, SonicWall said that it had logged 495 million ransomware attempts so far this year to date. At that rate, it said, 2021 will be the most costly and dangerous year on record.

Ransomware: How to Mitigate Attacks

ARN-IDG (US): Ransomware is a form of malicious software that encrypts a user’s sensitive data when deployed on a device. The victim is asked to pay a ransom to the attacker, usually in Bitcoin, to secure a decryption key or initiate a decryption process. Posted by Jeff Marshall, Country Manager & Regional Director.

Mitiga Releases Cloud Incident Readiness and Response Solution for Ransomware Attacks

CISION (US): Ransomware attacks are on the rise worldwide, increasing in complexity as cyberattackers adapt to defensive strategies. Recent research by SonicWall shows that ransomware attacks reached 304.7 million in the first half of 2021, exceeding the 304.6 million attacks logged in all of 2020.

Be Cyber Smart and Lock It Down

ELE Times: According to the widely quoted Mid-Year Update for the 2021 SonicWall Cyber Threat Report, ransomware attacks rose to 304.6 million in 2020, up 62% over 2019. The increase occurred as more of the US workforce started working from home due to the pandemic. There were also 226.3 million ransomware attacks through May of this year, up 116% year to date over last year. Author: Debasish Mukherjee: Vice President, Regional Sales APAC at SonicWall.

Industry News

NSA Director: Evolving Cyber Threats Require Deeper Public-Private Partnerships

Nextgov: The government has long leaned on partnerships with companies and academia to advance technology, but according to one top cybersecurity leader, the complexities of the modern conflict landscape warrant cross-sector collaboration that goes deeper than any before. “I do think that there is a realization that we can’t do this alone,” Gen. Paul Nakasone said Tuesday night at an Intelligence and National Security Alliance-hosted dinner in Virginia. “So, this partnership has to exist—and it’s got to get even more powerful.”

Banks Ordered to Promptly Flag Cybersecurity Incidents Under New US Rule

Reuters: US banking regulators on Thursday finalized a rule that directs banks to report any significant cybersecurity incidents to the government within 36 hours of discovery. Separately, the banking industry said it had completed a massive cross-industry cyber security drill that aims to ensure Wall Street knows how to respond in the event of a ransomware attack that threatens to disrupt a range of financial services.

More Than $500M For Cybersecurity Included in Sweeping House-Passed Package

The Hill: The House approved more than $500 million in cybersecurity funding on Friday as part of its version of President Biden’s roughly $2 trillion Build Back Better package. The social and climate spending bill, passed by a narrow vote of 220-213, would primarily funnel those funds to the Cybersecurity and Infrastructure Security Agency (CISA) to help address issues including cybersecurity workforce training and state and local government cybersecurity.

Beware the Chinese Ransomware Attack with No Ransom

Bloomberg: A breach by Chinese hackers of almost a dozen targets in Taiwan looked, on the surface, like just another ransomware attack: infiltrate a network, encrypt a ton of files, lock the owners out of their systems, and wait to be paid. But this one was different for what it didn’t contain and portends a type of threat that could hinder attempts by corporate and government leaders to make their computer systems more secure. Companies like the semiconductor maker Powertech Technology Inc., communications provider Chunghwa Telecom Co., plastics conglomerate Formosa Petrochemical Corp. and state-run petroleum company CPC Corp. were among those hit in May 2020 by the Chinese Winnti group. Last year, seven members were indicted by the US for a series of attacks that allegedly affected more than 100 high-tech and online gaming companies globally.

North Korean Hacking Group Targets Diplomats, Forgoes Malware

Dark Reading: A North Korean cyber-operations group has increased its focus on cyber espionage and targeting diplomats and regional experts, using captured user credentials to fuel phishing attacks and only rarely using malware to persist in targeted organizations. A new report found that the North Korean group mainly targets individuals in the United States, Russia, and China, and usually attempts to quietly harvest credentials, siphon off information, and — like many attacks attributed to North Korea — turn compromises into financial gain.

Iran-Backed Hackers Exploited Microsoft, Pose Major Cyber Threat

Fox News: Law enforcement agencies in the U.S., Britain, and Australia have issued a joint statement labeling an Iran-sponsored group as a serious threat to cyber security. The Cybersecurity and Infrastructure Security Agency (CISA), FBI, Australian Cyber Security Center (ACSC), and British National Cyber Security Center (NCSC) released a joint cybersecurity advisory Wednesday that linked a group of hackers to the Iranian government.

Hackers Deploy Linux Malware, Web Skimmer on E-Commerce Servers

Bleeping Computer: Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops’ websites. The PHP-coded web skimmer (a script designed to steal and exfiltrate customers’ payment and personal info) is added and camouflaged as JPG image files common folders. The attackers use this script to download and inject fake payment forms on checkout pages displayed to customers by the hacked online shop.

Businesses Worried About Cyberattacks During the Holidays

CBS News: After a year of headline-grabbing ransomware attacks, businesses say they’re worried about the possibility they’ll face cyber intrusions this holiday season, a time when many of their cybersecurity operations rely on skeleton staffing. A whopping 89% of the respondents from the US, U.K., France, Germany, Italy, Singapore, Spain, South Africa, and UAE indicated that they were concerned about a repeat cyber intrusion ahead of the holiday season. However, 36% said they had no “specific contingency plan in place to mount a response.”

Insurers Run from Ransomware Cover as Losses Mount

Reuters: Insurers have halved the amount of cyber cover they provide to customers after the pandemic, and shift toward work-at-home drove a surge in ransomware attacks that left them smarting from hefty payouts. Major European and US insurers and syndicates operating in the Lloyd’s of London market face increased demand. They have been able to charge higher premium rates to cover ransoms, repair hacked networks, business interruption losses, and even PR fees to mend reputational damage.

In Case You Missed It

Frost & Sullivan Commend SonicWall for Security Excellence

On its most recent analysis of the global network firewall market, Frost & Sullivan awarded SonicWall with its 2021 Global Competitive Strategy Leadership Award. Frost & Sullivan applies a rigorous analytical process to evaluate multiple nominees for each award category before determining the final award recipient.

“We appreciate the recognition of SonicWall’s cybersecurity prowess as we charge forward in our mission to deliver partners and customers with proven protection for organizations that have become borderless,” said SonicWall President and CEO Bill Conner in an official release. “Our commitment to providing world-class security solutions for businesses of any size, coupled with our frequent product innovations, reinforce the company’s position as a leading cybersecurity innovator well into the future.”

SonicWall has been at the forefront of providing advanced cybersecurity solutions for service providers, data centers, large distributed enterprises, as well state, local and federal government agencies, for over three decades.

When evaluating SonicWall and its products, Maksym Beznosiuk, Best Practices Research Analyst at Frost & Sullivan said, “SonicWall frequently redefines its roadmap to deliver the best network security and cybersecurity solutions to organizations across industry verticals, ensuring higher efficiency, security and reliability.”

The award process involves a detailed evaluation of best practices criteria across two dimensions for each nominated company. SonicWall exceled across the criteria in the network firewall space.

“SonicWall leads the way in the network firewall marker by frequently redefining its roadmap to deliver the best network security and cybersecurity solutions to organizations across industry verticals, ensuring higher efficiency, security and reliability,” said Beznosiuk. “SonicWall positions itself strategically by broadening its portfolio with on-premise, hybrid, or virtual firewalls while also ensuring flexible price ranges.”

If you want to learn more about SonicWall and Frost & Sullivan’s 2021 Global Competitive Strategy Leadership Award, please visit here.

Cybersecurity News & Trends

SonicWall’s The Year of Ransomware and Mid-Year Update to the 2021 Cyber Threat Report are still circulating in US and European news outlets. Meanwhile, trade news is tracking SonicWall’s penetration into regional markets. In industry news, the FBI warns about Iranian hackers, the Robinhood hack took from customers and gave to the hackers, the BlackMatter ransomware had a coding flaw that lost millions, and the world of Superman and Batman was ransomed.

SonicWall in the News

How the Cloud Enables Fast, Easy Recovery from Ransomware and Disasters

CPO Magazine (US): Ransomware attacks are skyrocketing, fueled by the rise in remote work during the pandemic. There were more than 300 million ransomware attacks during the first half of this year — up 151% over 2020 — according to the 2021 Cyber Threat Report from security firm SonicWall.

Back to Basics: Hardware Security as the Ultimate Defense Against Ransomware Attacks

Techspective (US): Ransomware has been a growing threat for a while. But it seems 2021 is the year that evolving attacks have exploded worldwide — citing SonicWall’s “The Year of Ransomware” cyber threat update.

IT Paves the Way to Return To Village

Newsbook (Spain): SonicWall’s participation in a unique article about how IT helps companies return to rural Spain: The transfer of the usual areas of residence caused by remote work during the covid-19 pandemic has revealed the urgency of closing the digital divide between the different territories.

Education, One of The Main Targets of Cybercriminals

ComputerWorld /CSO (Spain): SonicWall byline article about the education sector. Written by Luis Fisas, SonicWall’s Southern Europe director.

Act Now To Protect Yourself Against Cybercrime

Bristol Post (UK): Cybercrime is a fast-growing threat to every organization online. According to the 2021 SonicWall Cyber Threat Report, in the first half of this year, there were 304.7 million ransomware threats – a rise of more than 150% on the same time last year.

Safe-T Group Boosts iShield with Advanced Ransomware Protection Capabilities

Yahoo Finance (New Zealand): Over just the past year, more than 495 million ransomware attacks have been logged by SonicWall, a leading publisher of ransomware threat intelligence, making 2021 the most costly and dangerous year on record.

Safe-T Group Announces Boost To iShield Consumer Cybersecurity Product

Proactive Investors (UK): Safe-T noted that over just the past year, more than 495 million ransomware attacks had been logged by SonicWall, a leading publisher of ransomware threat intelligence, making 2021 the most costly and dangerous year on record.

Can Small Companies and Branches Survive the Crisis?

Security Insider (Germany): This article reviews a SonicWall webinar about the global ransomware crisis.

SonicWall Merges Sales Regions

Channel Observer (Germany): This article discusses the news alert about SonicWall expanding the central Europe sales account.

Cyberattacks Cost the Education Sector An Average Of 2.34 Million Euros

El Economista (Spain): SonicWall Cyber Threat Report mentioned in an article about cybersecurity in the Education Sector.

SonicWall Reports Nearly ‘Unimaginable Upward Trend’ In Ransomware

Intelligent CISO (UK): SonicWall has recorded a 148% increase in global ransomware attacks through the third quarter of 2021.

10 Minute IT Jams – SonicWall VP Discusses SASE and Zero Trust

Techday Network (New Zealand): Virtual Interview with Vice President of Products Jayant Thakre. They discussed SASE and Zero Trust among other topics.

Types of Malware: How to Detect and Prevent Them

Security Boulevard (US): Cyberattacks are rampant, wreaking havoc on organizations of all sizes. SonicWall recorded 304.7 million global ransomware attacks during the first half of 2021, a 151% year-to-date increase.

A Record 714 million Ransomware Attacks Are Forecast By 2021

IT Reseller (Spain): Press release, the year of ransomware: There has been a 148% increase in global ransomware attacks so far this year, as well as a 33% increase in IoT malware globally, with spikes in the United States and Europe. Cryptojacking has also emerged, with a massive growth rate of 461% across Europe.

Industry News

FBI Warns US Companies About Iranian Hackers

CNN: Iranian hackers have searched cybercriminal websites for sensitive data stolen from American and foreign organizations that could be useful in future efforts to hack those organizations, the FBI said in an advisory sent to US companies. In addition, Iranian hackers are interested in dark-web forums, where scammers leak information on their victims, such as stolen emails and network configurations.

Daily Crunch: Malicious hackers gain access to 7 million Robinhood customer names, emails

TechCrunch: A social-engineering hack led to Robinhood’s internal tools being accessed by an external party. According to the report, hackers took a database of more than 5 million customer email addresses and 2 million customer names. Also taken was a much smaller set of more specific customer data. For a company that recently posted somewhat lackluster earnings, it’s not a great look.

Travel Site reportedly hacked by a US intel agency; customers never informed

ARS Technica: According to a book published on Thursday, a hacker working for a US intelligence agency breached the servers of in 2016 and stole user data related to the Middle East. The book also says the online travel agency opted to keep the incident secret. The Amsterdam-based company decided that it didn’t need to notify customers or the Dutch Data Protection Authority because it wasn’t legally required to do so because the hack didn’t reveal sensitive or financial information.

Ransomware Criminals Lost Millions When Researchers Secretly Uncover Errors

ZDNet: A significant ransomware operation was blocked from collecting millions of dollars when a cybersecurity research group discovered a flaw in their code. Researchers found an error in the encryption that allowed files to be recovered without paying the ransom. The group, housed at Emsisoft, detailed the encryption error behind BlackMatter ransomware. They reportedly saved several victims from paying the ransom. The group kept the flaw secret until more people could be helped. Eventually, however, researchers disclosed the flaw and how they could undermine BlackMatter and provide decryption keys to victims of their attacks.

US Targets Darkside Ransomware And Its Rebrands With $10 Million Reward

Bleeping Computer: The US government targeted the DarkSide ransomware group and various rebrands with a $10 million reward for information leading to the identification or arrest of members of the operation. In addition, rewards of $5 million are also offered for information leading to the arrest of participants in a Darkside attack.

The US Joins International Cybersecurity Partnership Previously Ignored

CNN: The United States has joined an 80-country agreement that condemns reckless behavior in cyberspace and seeks to mobilize resources to secure the software supply chain that the Trump administration declined to join. Vice President Kamala Harris announced the agreement on Wednesday following a meeting with French President Emmanuel Macron.

Hackers Face Up To 100 Years in Prison If Prosecuted in the US

FoxNews: Suspected hackers connected to the cyber ransom group ‘REvil’ have been arrested and charged by the Department of Justice. The group attacked JBS Beef, the world’s largest meat supplier in the US, and tech company Kaseya. Officials also recovered $6 million in ransom payments extorted by the hackers. Cybersecurity expert and attorney Leeza Garber joined The National Desk Thursday to provide more information on these hackers.

Electronics Retailer MediaMarkt Hit by Ransomware Demand for $50M Bitcoin Payment

CoinDesk; MediaMarkt, Europe’s largest electronics retailer, has reportedly been hit by a Hive ransomware attack with demands to pay $50 million in bitcoin. The attack by the Hive ransomware group encrypted MediaMarkt’s servers, causing the retailer to shut down its IT systems to prevent further problems. That caused many stores, mainly in the Netherlands, to be unable to accept credit and debit card payments. Germany-based MediaMarkt has more than 1,000 stores across the continent.

Ukrainian Hackers Indicted in Texas After $6.1 Million Ransomware Attack

SanAngelo Live: The US Justice Department has taken against two foreign nationals charged with deploying Sodinokibi/REvil ransomware to attack businesses and government entities in the United States. An indictment unsealed on Nov. 8 charges Yaroslav Vasinskyi, 22, a Ukrainian national, with conducting ransomware attacks against multiple victims, including the July 2021 attack against Kaseya, a multi-national information technology software company. The department also announced today the seizure of $6.1 million in funds linked to the attacks.

Major Comics Distributor Regains Access to Its Website Following A Ransomware Attack

GamesRadar: The comic book world of Superman and Batman were attacked by ransomware earlier this week. The attack affected one of the print comic books’ largest distributors, Diamond Comic Distributors. Diamond Comics updated the report saying that they have regained access to some of the systems initially taken down as part of what the company confirmed was a third-party ransomware attack that began on Nov. 5. On Nov. 11, Diamond reported that it regained access to its main website (, and it is now functioning for public usage.

In Case You Missed It

SonicWall Answers the Call with New NGFWs

Filling an urgent need for greater cybersecurity, SonicWall completes 17 new Gen-7 firewalls in less than 18 months.

If we’ve learned anything during the unprecedented surge of malware and ransomware this year with 70% of full-time workers working from home in hybrid multi-cloud environments – we’re more vulnerable than ever.

According to a new report we published titled The Year of Ransomware, there have been 495 million known ransomware attacks so far this year, a stunning 148% increase year-over-year. That puts 2021 on track to be the worst year for cybersecurity we’ve ever recorded and leads us to predict that the pace of attacks will grow worse.

Not only are there more attacks, but the variants of malware used to attack our networks have also increased. For example, in the third quarter of this year, SonicWall customers experienced 1,748 ransom attempts. That means there were 9.7 ransomware attempts per customer for each business day. Worse yet, there were 307,516 “never-before-seen” malware variants – a 73% increase over previous years.

More variants together with a greater number of hits mean higher consequences for all of us. Obviously, any grace period we may have enjoyed from enforcing stricter cybersecurity and better technology has come to an abrupt end.

What is needed today is a rapid evolution of the way we conduct cybersecurity. Not only will we have to change our behavior with better personal security practices, but we must also deploy more innovative technology that has the capacity and durability to meet the urgent call for better protection.

SonicWall Answers the Call

We’re not talking about re-embracing next-generation firewalls (NGFW). Instead, we’re looking to launch the power and flexibility of 7th generation advancements that bring enterprises to a level where they can stop attacks from many vectors. Our vision for cybersecurity is to protect organizations from the broadest spectrum of intrusions, pre-emptively reduce cyber risk, and achieve greater protection across devices, new perimeters and network segments more efficiently while lowering the total cost of ownership.

The big news is that we launched 17 new Gen-7 NGFWs in less than 18 months. So, whether you’re a small business or a large enterprise in your home or the cloud, you’ll benefit from our relentless dedication to bring you NGFWs that offer the security, control, and visibility you need to maintain an effective cybersecurity posture.

New NSa 5700 and NSsp 10700/11700 models are designed for enterprises, governments and MSSPs quadruple performance.

The SonicWall Network Security Appliance (NSa) 5700 and Network Security Services Platform (NSsp) 10700/11700 complete the introduction of our Gen-7 NGFWs. They run on the new SonicOS 7 and include advanced networking features such as high availability, SD-WAN and dynamic routing. These firewalls were bred to meet the current high-demand cybersecurity landscape with combined validated security effectiveness and best-in-class price performance in a single rack unit appliance.

Our Gen-7 NGFWs protect all types of business no matter the size with comprehensive, integrated security services, such as malware analysis, encrypted traffic inspection, cloud application security and URL filtering. In addition, the entire line of 17 NGFWs is ready to be quickly managed by SonicWall’s cloud-native Network Security Manager (NSM), which gives distributed enterprises a single, easy-to-use cloud interface for streamlined management, analytics and reporting.

Gen-7 pushes security and performance thresholds to protect the educational institutions, financial industry, health care providers, service providers, government agencies and MSSPs. The following NGFW line-up is designed for small, medium, and the largest enterprises to protect their assets in data centers, virtual environments, and the cloud.

Entry-level NGFWs: SonicWall TZ firewalls protect small business or branch locations from intrusion, malware and ransomware with an easy-to-use, integrated security solution designed specifically for your needs. TZ series includes five models; 270, 370, 470, 570 and 670; delivering enterprise-grade protection without cost or complexity.

Mid-range NGFWs: Our Gen-7 Network Security Appliance (NSa) offers medium- to large-sized enterprises industry-leading performance at the lowest total cost of ownership in their class. NSa series consists of five models; 2700, 3700, 4700, 5700 and 6700; and includes comprehensive security features such as intrusion prevention, VPN, application control, malware analysis, URL filtering, DNS Security, Geo-IP, and Bot-net services.

High-end NGFWs: Gen-7 Network Security services platform (NSsp) High-End Firewall series delivers the advanced threat protection, fast speeds, and budget-friendly price that large enterprises, data centers, and service providers’ demand. NSsp series consists of four models, 10700, 11700 and 13700, including high port density and 100 GbE interfaces, which can process several million connections for zero-day and advanced threats.

Virtual Firewalls: Gen-7 NSv Series virtual firewall is built to secure the cloud and virtual environments with all the security advantages of a physical firewall, including system scalability and agility, speed of system provisioning and simple management in addition to cost reduction. NSv series consists of three models; 270, 470 and 870; securing virtualized compute resources and hypervisors to protect public clouds and private cloud workloads on VMware ESXi, Microsoft Hyper-V, Nutanix and KVM.

Powered by the new SonicOS/OSX 7

SonicWall Gen-7 NGFWs run on SonicOS/OSX 7, the latest version of our new SonicOS operating system. This OS was built from the ground up to deliver a modern user interface, intuitive workflows and user-first design principles. In addition, it provides multiple features designed to facilitate enterprise-level workflows, easy configuration, and simplified and flexible management — all of which allow enterprises to improve security and operational efficiency.

SonicOS/OSX 7 features:

Read more details about the new SonicOS/OSX 7.

Overall Solution Value

SonicWall’s award-winning hardware and advanced technology are built into each Gen-7 NGFW to give every business the edge on evolving threats. With solutions designed for networks of all sizes, SonicWall firewalls are designed to meet your specific security and usability needs, all at a cost that will protect your budget while securing your network.

To learn more about the SonicWall Gen-7 NGFW, click here.

Illuminating Cybersecurity with Unified Insights

SonicWall delivers cross-product security visibility and greater efficiency with a single pane of glass.

Gone are the days when cybersecurity managers have to rely on individual product monitors to determine the security status of their networks. Instead, the increase in threats and attack vectors, the rise in the cost of operations and the shortage of skilled IT candidates make it necessary to leverage a unified workspace that delivers clarity and actionable insights all in one interface. In addition, they now want the means to give their security teams the ability to drill through analysis quickly and springboard into their investigations more efficiently.

But what is it that will truly drive value for administrators and analysts? What is it that makes up such a unified workspace? Our customer research has shown us that it comes down to:

  1. A Unified Workspace – where the entire team can work together under a single pane of glass with complete insights from the network, endpoints, and cloud security controls.
  2. Customizable Insights – administrators and analysts need actionable insights, but what is actionable tends to vary; customization is required for each environment.
  3. Context-aware Investigations – insights are helpful, but they only give us the tip of the iceberg. Security administrators often need to dig deep to identify the root cause and review other additional indicators through context-aware investigative workflows.

Introducing Capture Security Center (CSC) Unified Insights

When we launched Capture Security Center (CSC), our vision was to create a platform that delivers standardized and unified experiences. CSC’s design offers the proper foundation for managing all aspects of the network ecology. The introduction of Unified Insights adds a streamlined cross-platform experience for everyone including CISOs, SOC administrators, security analysts, auditors, compliance managers and more.

Unified Insights is designed as a unified workspace for security teams of all sizes – from the small-medium businesses to enterprises to MSSPs – that delivers actionable insights in a single pane of glass across SonicWall’s Firewall, Endpoint, Wireless and Switch lines of products. In this first version, Unified Insights delivers unified dashboards with data from supported cloud-based platforms – currently, this includes Network Security Manager (SaaS), Capture Client, and Wireless Network Manager.

With Unified Insights, administrators gain a default dashboard configured with recommended charts based on what subscriptions are active in their tenant. Team members can customize their dashboard to a layout of their choice with graphs of their preference based on their tenants’ entitlements. The rich library of charts for each product area will continuously expand as the SonicWall portfolio evolves. Members of the same organization can also view dashboard layouts created by their colleagues to inspire more productive workspaces.

Every graph is clickable and supports drill-down investigations to the individual products that generated the data. For example, if a team member sees something that catches their attention, they will click a graph, icon, or list to see cumulative data they need to make an analysis. In addition, administrators can create a portable snapshot of the dashboard to be sent to business stakeholders or customers as part of a periodic “State of Security” report.

A Free Beta Test for all NSM SaaS Subscribers

CSC Unified Insights is currently in beta and automatically activated at no additional cost for all subscribers of NSM SaaS to manage their firewalls, Capture Client, or Wireless Network Manager to manage their SonicWall access points and switches. So, take it for a spin and participate in our Beta community, where you can ask questions or provide feedback and help drive the future of the product.

We’re at the beginning of this new development for Unified Insights. Our vision is to provide security and management teams the best single workspace they need for reporting, analytics, and incident management. With, Unified Insights, we continue to drive the Boundless cybersecurity model for our customers, and we invite you to be a part of that evolution!

For more information, read the datasheet.

Cybersecurity News & Trends

SonicWall’s latest cybersecurity report titled The Year of Ransomware circulated through news outlets worldwide with the eye-catching headline: “148% surge in global ransomware attacks.” In industry news, the US offers a $10 million bounty on hacker groups responsible for the Colonial Pipeline attack. In contrast, nervous hackers apologize to Arab royal families for exposing private information and defend their “industry” after US investigators bring down REvil.

SonicWall in the News

Euro Police Swoop in on 12 Suspected Ransomware Gang Members

Infosecurity Magazine: Twelve threat actors were singled out by Europol last week in a significant ransomware operation targeting multiple organized crime groups. The unnamed suspects may have been involved in deploying LockerGoga, MegaCortex and Dharma malware. According to SonicWall data released last week, the number of ransomware attacks in the first three quarters of 2021 surged 148% year-on-year to reach 470 million.

SonicWall: ‘The Year of Ransomware’

Dark Reading: Citing SonicWall’s “The Year of Ransomware” report, there was a 148% surge in global ransomware attacks (495 million) year to date. The third-quarter surge makes 2021 the worst year SonicWall has ever recorded.

SonicWall VP Discusses SASE And Zero Trust

Security Brief Asia: Announcing Techday’s 10 Minute IT “jam” for an in-depth discussion on insights into technology in the Asia-Pacific region. The video featured SonicWall Vice President of Products, Jayant Thakre, discussing firewalls, network security, cloud security and more.

Ransomware Soars 148% to Record-Breaking Levels in 2021

InfoSecurity: The volume of ransomware attacks over the first three quarters of 2021 reached 470 million, a 148% increase on the same period last year, making 2021 already the worst year on record, according to SonicWall.

500 million Attempted Ransomware Attacks (So Far)

MSSP Alert: SonicWall expects to record 714 million attempted ransomware attacks by the close of 2021, according to the company’s latest cybersecurity report titled “The Year of Ransomware.”

Ransomware Attacks Increased 148% In Q3 2021, Showing No Sign of Slowing

Help Net Security: SonicWall recorded a 148% increase in global ransomware attacks through the third quarter (Q3) of 2021. With 470 million ransomware attacks logged by the company this year, 2021 will be the most costly and dangerous year on record.

The Terrifying Truth About Ransomware

Security Boulevard: Headlines are screaming with ransomware attacks and the ever-increasing payout demands. According to SonicWall, ransomware attacks have risen 158% in North America and 62% worldwide between 2019 and 2020.

Industry News

$10 Million Reward for Information on DarkSide Ransomware Group

The Hacker News: Responding to the Colonial Pipeline attack earlier this year, the US government on Thursday announced a $10 million reward for information that may lead to the identification or location of the leaders of the DarkSide ransomware group. The bounty includes any of the DarkSide rebrands. Additionally, the US State Department offers rewards of up to $5 million for intel and tip-offs that could result in the arrest and conviction in any country of individuals who are conspiring or attempting to participate in intrusions affiliated with the transnational organized crime syndicate.

Washington Sets Record for Data Breaches And Ransomware Attacks

Seattle Times: So far, in 2021, the citizens of the State of Washington have seen 6.3 million notices of data breaches. According to State Attorney General Bob Ferguson, this is a record for the state with 280 data breaches reported, blowing past the previous record of 78 and last year’s total of 60. The report says that the previous record for breach notices was set in 2018, with 3.5 million messages sent.

US Cyber Command Carries Out A ‘Surge’ To Address Ransomware Attacks

CNN: US Cyber Command head and director of the National Security Agency Gen. Paul Nakasone said Wednesday that the US had “conducted a surge” over the past three months to address the problem of ransomware attacks on US interests. Nakasone said the US government had aimed at funding sources for ransomware operatives, many of whom are based in Russia and Eastern Europe and who have made millions extorting US companies.

Nintendo Switch Hacker Gary Bowser Pleads Guilty, Will Pay $4.5 Million

ScreenRant: Gary Bowser, nicknamed the Nintendo Switch hacker by the news media, has pled guilty to charges and will pay $4.5 million. The case related to Bowser’s hacking of Nintendo’s portable console called “Switch.” In 2020 Nintendo began pursuing groups of hackers illegally breaking into Nintendo Switch consoles and selling kits through the internet. In May 2020, Nintendo filed lawsuits against the Switch hackers, leading to a legal battle that lasted nearly a year.

Ukraine Charges 5 Hackers Allegedly Working for Russia

NC Advertiser: Ukraine has filed espionage charges and attempted state overthrow against five people who allegedly were part of a hackers group controlled by Russia. The Security Service of Ukraine said Friday that the hackers’ group known as “Armageddon” was responsible for some 5,000 cyberattacks on Ukrainian state agencies since 2014.

Hackers Gained Access to Mysa Gov Accounts, Including License and Rego Details

ZD Net: This week, South Australia’s Department for Infrastructure and Transport confirmed that mySA Gov accounts were compromised through a cyber-attack. mySA Gov is the South Australian government’s online platform and app that provides residents with single account access for the state’s services, such as checking into a venue or completing transactions for vehicle registration.

Hackers Apologize to Arab Royal Families for Leaking Their Data

Vice: In October, the infamous ransomware gang known as Conti released thousands of files stolen from the UK jewelry store Graff. Among the data Conti leaked, sensitive information belonging to celebrities like David Beckham, Oprah Winfrey, and Donald Trump. And, according to The Daily Mail, there was also information belonging to the UAE, Qatar, and Saudi royal families. Now, the hackers would like the world to know that they regret their decision, perhaps partly because they released files belonging to very powerful people. The quote of the day comes from Allan Liska, a cybersecurity researcher: “Bluntly, UAE sends assassination teams to deal with people they don’t like. Even ransomware groups are subject to political pressure.”

Ransomware Hackers Nervous, Allege Harassment from the US

NBC News: After US agents down REvil, a major ransomware group, nervous hackers try a little rational argument to defend their practice of holding computers for ransom. Several ransomware gangs posted lengthy anti-U.S. screeds, viewed by NBC News, on the dark web. In them, they defended their practice of hacking organizations and holding their computers for ransom. They appear prompted by the news, reported Thursday by Reuters that the FBI had successfully hacked and taken down another major ransomware group called REvil.

While the REvil takedown was the first of its kind made public, nobody expects that this one act will curb ransomware attacks. However, the reaction from fellow hackers is also notable. The Conti Group — which recently begged forgiveness for a previous hack that exposed prominent Arab royalty while they regularly lock down hospital computers and hold them for ransom — wrote that it would be undeterred by the US action and that hackers are the actual victims.

In Case You Missed It

How Unified Cloud Simplifies Network Switch Management.

SonicWall Wireless Network Manager (WNM) unifies and simplifies network switches, access points, and network-wide configuration control.

Network managers are busy and getting busier. Not only do they have record-breaking cyberthreats and new security mandates piling up, but they also have the day-to-day tasks of managing resources, provisioning assets, and monitoring the entire network ecology. Then there are the productivity issues of having to do it all and not get lost in layers of software accounts and user interfaces.

Network switches help control the complexity. Switches are an essential tool for connecting computers, servers, and other network resources. They’re also a primary means of controlling devices and traffic and adjusting a network’s security profile whenever necessary.

Unified cloud management is the natural next step in managing network switches. At a very simple level, unified cloud management facilitates configuration and monitoring thousands of switch ports instantaneously over the web. But, dive deeper, and there is you a panoply of capability and functionality that allow IT teams to work smarter – accomplishing major tasks with just a few simple clicks on a cloud-based interface and without deploying a staff of on-site smart hands to guide processes.

Next Level Network Switch Management

SonicWall Wireless Network Manager (WNM) is the “next level” unified cloud management system. WNM is designed to give IT teams an intuitive tool for one-touch wireless and switching network management capabilities while giving them data-rich analytics and easy onboarding workflows from a single pane of glass. In addition, WNM’s cloud-based infrastructure helps simplify access, control and troubleshooting by unifying multiple tenants, locations and zones.

From one interface, managers provision remote sites, deploy network-wide configuration changes and manage campus and distributed networks. SonicWall WNM significantly reduces dedicated technical training and deploying dedicated staff to smart-touch devices and other resources by working via the cloud.

In addition, cloud-managed switches and access points have additional cloud-based management functionality. For example, they automatically discover wired and wireless devices connected to a network and then draw the topology that enables network administrators to troubleshoot issues remotely quickly.

WNM supports thousands of SonicWave Access points and SonicWall Switches without the cost of complex overlay management systems. With the release of WNM 3.5, administrators can control SonicWall switches and existing SonicWave access points all at once. Onboarding and deployment of SonicWall switches and access points are automatic and networks are up in minutes.

Single-pane-of-glass Network Management

We mentioned WNM’s single-pane-of-glass design. What this means is that WNM provides an intuitive dashboard that not only simplifies control but also unifies visual data. In addition, it comes as an integrated part of the SonicWall Capture Security Center ecosystem, where IT teams can efficiently and effectively manage just about every aspect of networks of any size.

Administrators can drill down to specific managed devices for granular data and status, plus examine a detailed view of network hierarchy right down to single policies created at the tenant level that are pushed down to various locations and zones. In addition, WNM is highly scalable, from a single site to global enterprise networks with tens of thousands of managed devices supporting multiple tenants.

Stable and Reliable Operations

WNM delivers the stability and reliability of the cloud. During an Internet outage, access points and switches can continue to work without WNM, ensuring business continuity. Two-factor authentication and packet encryption heighten security. Automatic firmware and security updates keep managed devices up to date. Selectively apply Production, Beta or Patch firmware on each managed device as needed. Automatically send reports to multiple recipients at the same time.

Zero-Touch Deployment and Advanced Analysis Tools

With WNM and Zero-Touch Deployment, an array of SonicWall switches can be up and running in minutes. Register and onboard the devices from anywhere with the SonicExpress app. Plus, WNM’s topology tool provides network topology maps and managed device statistics for quick visual analysis of every aspect of the network.

Lower Total Cost of Ownership

SonicWall Wireless Network Manager drives down the total cost of ownership by shifting capital expenditures to operating expenses. Wireless Network Manager cuts out the cost and maintenance of redundant hardware-based controllers and optimizes data center rack space. In addition, its intuitive interface reduces training and administrative overhead costs.

Even with a limited staff, and no matter the size of your network, SonicWall Wireless Network Manager offers unified visibility and control in a secure, Wi-Fi cloud-managed solution. To learn more, visit