
Cybersecurity News & Trends – 11-19-21


SonicWall’s widely quoted threat reports (The Year of Ransomware and Mid-Year Update to the 2021 Cyber Threat Report) are still attracting US and European journalists and editors. This week, SonicWall scored another big hit with a report from the Wall Street Journal. In industry news, the previously mentioned article in the Wall Street Journal reports on the possible extradition of a Russian entrepreneur to the US. Meanwhile, US Government cybersecurity initiatives lean hard on partnerships with corporations and academia, banking regulators push hard on banks to report breaches quickly, the US House approves an additional $500 million for cybersecurity funding, and insurance companies run away.


SonicWall in the News

US Accuses Russian of Money Laundering for Ryuk Ransomware Gang

Wall Street Journal (US): A Moscow entrepreneur was detained during a vacation abroad this month and is now facing extradition to the US on charges that he helped a notorious Russian ransomware group launder payments. Denis Dubnikov, a Russian citizen, was expelled from Mexico and placed on a plane to Amsterdam, where Dutch police arrested him on Nov. 2 on a US charge of conspiracy to commit money laundering, according to his lawyer Arkady Bukh. Dubnikov, 29 years old, is being sought to stand trial as part of a Federal Bureau of Investigation investigation of Ryuk, which was linked to one-third of all US ransomware attacks in 2020, according to cybersecurity firm SonicWall.

Cryptojacking – A Poison For Latin America’s Digital Economy

Intelligent CIO (Brazil): Arley Brogiato, Sales Director, SonicWall Latin America, explains the risk of cryptojacking in the region. Like a pest that silently gnaws at corporate IT, cryptojacking does damage that goes unnoticed, unconfronted and unresolved. The term combines ‘crypto,’ from cryptocurrencies, and ‘jacking,’ which refers to something used illegally.

SonicWall: ‘Largest Platform Evolution In Company History’ Unifies Cloud, Virtual & Hardware Portfolio

Scoop Sci-Tec (Singapore): SonicWall today announced the latest additions to its Generation 7 cybersecurity evolution, the largest in the company’s 30-year history. Driven by this innovation, SonicWall unifies cloud, virtual and hardware offerings across a single and fully integrated cloud-powered platform.

Toronto Transit Commission Still Recovering from Ransomware Attack

IT World (Canada): IT staff at the Toronto Transit Commission (TTC) are still dealing with the effects of a ransomware attack that was detected just as the weekend started. In a report released Friday, SonicWall said that it had logged 495 million ransomware attempts so far this year. At that rate, it said, 2021 will be the most costly and dangerous year on record.

Ransomware: How to Mitigate Attacks

ARN-IDG (US): Ransomware is a form of malicious software that encrypts a user’s sensitive data when deployed on a device. The victim is asked to pay a ransom to the attacker, usually in Bitcoin, to secure a decryption key or initiate a decryption process. Posted by Jeff Marshall, Country Manager & Regional Director.

Mitiga Releases Cloud Incident Readiness and Response Solution for Ransomware Attacks

CISION (US): Ransomware attacks are on the rise worldwide, increasing in complexity as cyberattackers adapt to defensive strategies. Recent research by SonicWall shows that ransomware attacks reached 304.7 million in the first half of 2021, exceeding the 304.6 million attacks logged in all of 2020.

Be Cyber Smart and Lock It Down

ELE Times: According to the widely quoted Mid-Year Update for the 2021 SonicWall Cyber Threat Report, ransomware attacks rose to 304.6 million in 2020, up 62% over 2019. The increase occurred as more of the US workforce started working from home due to the pandemic. There were also 226.3 million ransomware attacks through May of this year, up 116% year to date over last year. Author: Debasish Mukherjee: Vice President, Regional Sales APAC at SonicWall.


Industry News

NSA Director: Evolving Cyber Threats Require Deeper Public-Private Partnerships

Nextgov: The government has long leaned on partnerships with companies and academia to advance technology, but according to one top cybersecurity leader, the complexities of the modern conflict landscape warrant cross-sector collaboration that goes deeper than any before. “I do think that there is a realization that we can’t do this alone,” Gen. Paul Nakasone said Tuesday night at an Intelligence and National Security Alliance-hosted dinner in Virginia. “So, this partnership has to exist—and it’s got to get even more powerful.”

Banks Ordered to Promptly Flag Cybersecurity Incidents Under New US Rule

Reuters: US banking regulators on Thursday finalized a rule that directs banks to report any significant cybersecurity incidents to the government within 36 hours of discovery. Separately, the banking industry said it had completed a massive cross-industry cyber security drill that aims to ensure Wall Street knows how to respond in the event of a ransomware attack that threatens to disrupt a range of financial services.

More Than $500M For Cybersecurity Included in Sweeping House-Passed Package

The Hill: The House approved more than $500 million in cybersecurity funding on Friday as part of its version of President Biden’s roughly $2 trillion Build Back Better package. The social and climate spending bill, passed by a narrow vote of 220-213, would primarily funnel those funds to the Cybersecurity and Infrastructure Security Agency (CISA) to help address issues including cybersecurity workforce training and state and local government cybersecurity.

Beware the Chinese Ransomware Attack with No Ransom

Bloomberg: A breach by Chinese hackers of almost a dozen targets in Taiwan looked, on the surface, like just another ransomware attack: infiltrate a network, encrypt a ton of files, lock the owners out of their systems, and wait to be paid. But this one was different for what it didn’t contain and portends a type of threat that could hinder attempts by corporate and government leaders to make their computer systems more secure. Companies like the semiconductor maker Powertech Technology Inc., communications provider Chunghwa Telecom Co., plastics conglomerate Formosa Petrochemical Corp. and state-run petroleum company CPC Corp. were among those hit in May 2020 by the Chinese Winnti group. Last year, seven members were indicted by the US for a series of attacks that allegedly affected more than 100 high-tech and online gaming companies globally.

North Korean Hacking Group Targets Diplomats, Forgoes Malware

Dark Reading: A North Korean cyber-operations group has increased its focus on cyber espionage and targeting diplomats and regional experts, using captured user credentials to fuel phishing attacks and only rarely using malware to persist in targeted organizations. A new report found that the North Korean group mainly targets individuals in the United States, Russia, and China, and usually attempts to quietly harvest credentials, siphon off information, and — like many attacks attributed to North Korea — turn compromises into financial gain.

Iran-Backed Hackers Exploited Microsoft, Pose Major Cyber Threat

Fox News: Law enforcement agencies in the U.S., Britain, and Australia have issued a joint statement labeling an Iran-sponsored group as a serious threat to cyber security. The Cybersecurity and Infrastructure Security Agency (CISA), FBI, Australian Cyber Security Center (ACSC), and British National Cyber Security Center (NCSC) released a joint cybersecurity advisory Wednesday that linked a group of hackers to the Iranian government.

Hackers Deploy Linux Malware, Web Skimmer on E-Commerce Servers

Bleeping Computer: Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops’ websites. The PHP-coded web skimmer (a script designed to steal and exfiltrate customers’ payment and personal info) is added and camouflaged as JPG image files in common folders. The attackers use this script to download and inject fake payment forms on checkout pages displayed to customers by the hacked online shop.

Businesses Worried About Cyberattacks During the Holidays

CBS News: After a year of headline-grabbing ransomware attacks, businesses say they’re worried about the possibility they’ll face cyber intrusions this holiday season, a time when many of their cybersecurity operations rely on skeleton staffing. A whopping 89% of the respondents from the US, U.K., France, Germany, Italy, Singapore, Spain, South Africa, and UAE indicated that they were concerned about a repeat cyber intrusion ahead of the holiday season. However, 36% said they had no “specific contingency plan in place to mount a response.”

Insurers Run from Ransomware Cover as Losses Mount

Reuters: Insurers have halved the amount of cyber cover they provide to customers after the pandemic and the shift toward work-at-home drove a surge in ransomware attacks that left them smarting from hefty payouts. Major European and US insurers and syndicates operating in the Lloyd’s of London market face increased demand. They have been able to charge higher premium rates to cover ransoms, repair hacked networks, business interruption losses, and even PR fees to mend reputational damage.



SonicWall Staff