Cybersecurity News & Trends

As predicted, cyber-attacks are rising just as the Ukrainian crisis heats up. As a result, news organizations worldwide are quoting the 2022 SonicWall Cyber Threat Report, topping the best first-day launch in the report’s history. The report found itself in the pages of notable publications like The Seattle Times, The Register, The Telegraph, ZDNet, and The Express. In industry news, turmoil in Ukraine highlights a new round of “wiper” attacks. Ukraine also took the unusual step of asking for the hacker underworld to help protect their infrastructure. Also, as it turns out, cybersecurity burnout is a real thing now, Iranian hackers are stealing passwords, and a cyber firm in Beijing says a US hacker group is targeting research organizations in India, Russia, and China.


SonicWall News

Ukraine Hit by DDOS Attacks, Russia Deploys Malware

The Register: Bill Conner, CEO of firewall firm SonicWall, told The Register: “Cyberattacks can be leveraged to cause financial loss, create disruption and misdirection, and in extreme cases take down critical infrastructure. Those are key ingredients for causing unrest in any situation, regardless of the parties involved.”

Boris Johnson Announces Extra Defensive Weapons Are Being Sent To Ukraine

The Telegraph (UK): Cyberattacks could be used as a “key ingredient” to prompt unrest amid the current diplomatic crisis around the escalating situation in Ukraine, a former adviser to GCHQ has said. Bill Conner, the SonicWall chief executive and former advisor to GCHQ, said such activity can be leveraged to “cause financial loss, create disruption and misdirection, and in extreme cases take down critical infrastructure.”

SonicWall Cyber Threat Report Highlights That Ransomware Attacks Doubled In 2021

Continuity Central: SonicWall has released its 2022 Cyber Threat Report. This details a sustained surge in ransomware with 623.3 million attacks globally. Additionally, nearly all monitored threats, cyber-attacks and malicious digital assaults rose in 2021, including ransomware, encrypted threats, IoT malware, and cryptojacking.

SonicWall: Ransomware Attacks Increased 105% In 2021

Tech Target: Cybercriminals are becoming bolder and more prolific in developing and deploying ransomware attacks. Researchers at SonicWall said in the company’s annual threat report that ransomware attacks over the last year have grown by an eye-watering 105%, with 20 attacks being attempted every second.

SonicWall Threat Intelligence Confirms 981% Increase of Ransomware Attacks in India

Ele Times (India): SonicWall, the publisher of the world’s most quoted ransomware threat intelligence, today released the 2022 SonicWall Cyber Threat Report. The bi-annual report details a sustained meteoric rise in ransomware with 623.3 million attacks globally. Nearly all monitored threats, cyberattacks and malicious digital assaults rose in 2021, including ransomware, encrypted threats, IoT malware and cryptojacking.

Report: Ransomware, Attacks on Networks Soared In 2021

DC Velocity: Business leaders are worried about the growing volume of malicious attacks on IT networks, and are especially concerned about supply chain vulnerability in 2022, according to a report from cybersecurity firm SonicWall, released this month. The company’s 2022 Cyber Threat Report tracked a 232% increase in ransomware globally since 2019 and a 105% increase from 2020 to 2021. Ransomware is malware that uses encryption to hold a person or organization’s data captive, so they cannot access files, databases, or applications. According to the report, such attacks in the US were up 98% last year and up 227% in the UK.

Security Spend to Reach $1 Billion In Brazil In 2022

ZDNet: With over 33 million intrusion attempts in 2021, Brazil is only behind the US, Germany and the UK in terms of ransomware attacks, according to a cyber threats report released by SonicWall. In 2020, Brazil ranked ninth in the same ranking, with 3.8 million ransomware attacks. According to the SonicWall report, Brazil stands out regarding the number of malware attacks. In this category, attacks in Brazil increased over 61% in 2021, with 210 million attacks in 2021, compared to approximately 130 million seen in the prior year.

Companies Prepare as Threat of Russian Cyberattacks Increases

Seattle Times: According to an annual report from internet security company SonicWall, ransomware volume increased 232% in the last two years. It reported there were more than 623 million ransomware attacks in 2021. SonicWall found that new types of malware detected also increased 65% year over year.

Washington Companies Prepare as Threat of Russian Cyberattacks Increases

The Chronicle: As major American businesses prepare for possible Russian-led cyberattacks, some Northwest information security experts raise the alarm while others argue many companies are already prepared. According to a new report from SonicWall, ransomware volume increased 232% in the last two years. The annual report also reported more than 623 million ransomware attacks in 2021. In addition, new types of malware detected also increased 65% year over year.

Weekly Threat Report 18th February 2022

National Cyber Security Center (UK): Ransomware attacks more than doubled in 2021. According to an analysis by researchers at SonicWall, the volume of ransomware attacks rose by 105% in the last year. A total of 623.3 million attempted incidents were recorded in 2021.

22 Very Bad Stats on The Growth Of Phishing, Ransomware

Venture Beat: The report comes after several major cybersecurity firms had released data on just how bad things got last year when it came to cyberattacks. For instance, SonicWall reported that the total number of ransomware attacks more than doubled in 2021 — jumping 105% during the year compared to 2020. CrowdStrike, meanwhile, disclosed that data leaks related to ransomware surged 82% in 2021, while the average ransom demand grew 36% to $6.1 million.

Britons Hit By Terrifying Crypto Crime Surge – Attacks Up More Than 500 Percent

Daily Express (UK): A new form of cybercrime, which sees hackers hijack online devices to steal and mine crypto, has become increasingly common worldwide. According to SonicWall, global crypto-jacking crimes rose by almost one-fifth to 91.7 million cases. In the UK, attacks have skyrocketed by 564 percent, rising from less than 66,000 in 2020 to over 436,000 in 2021.

Industry News

New Destructive Malware Used in Cyber Attacks on Ukraine

Security Intelligence: IBM’s Security X-Force reported a wiper malware — a destructive family of malware designed to permanently destroy data from the target — executing on systems belonging to Ukrainian organizations. Analysts obtained a sample of the wiper, named HermeticWiper. It uses a benign partition manager driver (a copy of empntdrv.sys) to perform its wiping, corrupting the Master Boot Record (MBR), partitions, and file system (FAT or NTFS) of all available physical drives. This is not the first wiper malware targeting Ukrainian organizations that X-Force has analyzed. For example, in January 2022, X-Force analyzed the WhisperGate malware and did not identify any code overlaps between WhisperGate and HermeticWiper. Several other outlets also reported and expanded on this story, including The Guardian, Help Net Security, BBC, and ZDNet.

Ukraine Asks For S Korea Cybersecurity Aid Amid Russia Invasion

Reuters: Top Ukraine security officials in the Republic of Korea (South Korea) said on Friday that their country is requesting Seoul’s assistance in boosting its cybersecurity capability to defend against Russian attacks. As missiles pounded the Ukrainian capital and Russian forces pressed their advance after launching attacks on Thursday, Kyiv asked for more help from the international community. Dmytro Ponomarenko, Ukraine’s ambassador-designate to South Korea, said the websites of the country’s governmental institutions were suffering from Russian attacks. A global cybersecurity firm has also noted that a newly discovered piece of destructive software circulated in Ukraine and has hit hundreds of computers, part of what was deemed an intensifying wave of hacks aimed at the country. Reuters also reports that Ukraine has asked for help from the hacker underground community to protect critical infrastructure and conduct cyber spying missions against Russian troops, according to two people involved in the project.

Hacker Collective Anonymous Declares ‘Cyber War’ Against Russia, Disables State News Website

ABC News (Australia): Hacker collective Anonymous has disabled several Russian government websites, including the state-controlled Russia Today news service. They had launched cyber operations that briefly took down Russia Today (RT.com) and the websites of the Kremlin, the Russian government, and the Russian defense ministry. Russia Today confirmed the attack, saying it slowed some websites down while taking others offline for “extended periods of time.” According to the news outlet, Russia Today’s coverage of the situation in Ukraine has been overwhelmingly from a pro-Russian perspective, showing fireworks and cheerful celebrations in the newly occupied territories.

Cybersecurity Burnout Is Real and It’s Going to Be A Problem For All Of Us

ZDNet: Employers are already facing something of a dilemma when it comes to cybersecurity in 2022. Not only is the number of attempted cyberattacks escalating worldwide, but employers face the added pressure of a tightening hiring market and record levels of resignations that are also affecting the tech industry. The talent battle has already hit cybersecurity particularly hard. According to a survey of more than 500 IT decision-makers by threat intelligence company ThreatConnect, 50% of private sector businesses already have gaps in their company’s fundamental, technical IT security skills. What’s more, 32% of IT managers and 25% of IT directors are considering quitting their jobs in the next six months – leaving employers open to a cacophony of issues across hiring, management, and IT security. And as ZDNet observes, cybersecurity is challenging work, so beware of staff burnout.

Cyberattacks Could Soon Strike the West

Fortune Magazine: Russia is home to some of the world’s most infamous criminal hackers, some of them state-sponsored, so are broader and stronger cyberattacks coming? And could they hit the West? “I think the risk right now is high and rising,” said Derek Vadala, chief risk officer at the US cyber risk rating firm BitSight. He warned that Western companies should ensure their systems are patched against known vulnerabilities. The UK’s National Cyber Security Centre, a division of the GCHQ spy agency, advised Tuesday that British organizations should “bolster their online defenses” as “there has been a historical pattern of cyberattacks on Ukraine with international consequences.” This week, the US Department of Homeland Security also launched a “shields up” drive for critical infrastructure against possible Russian actions. They also warned that all US companies are at risk.

Iranian Hackers “Tools” Steal Passwords and Deliver Ransomware

ZDNet: Hackers linked to the Iranian Ministry of Intelligence and Security are exploiting a range of vulnerabilities to conduct cyber espionage and other malicious attacks against organizations worldwide, a joint alert by US and UK authorities has warned. The advisory issued by the FBI, CISA, the US Cyber Command Cyber National Mission Force (CNMF), and the United Kingdom’s National Cyber Security Centre (NCSC) says an Iranian government-sponsored advanced hacking operation known as MuddyWater is going after a wide range of targets.

US Group Hacked Top Research Institutes in India, Russia And China, Says Beijing Cyber Firm

The Hindu (India): A new report from a Beijing-based cybersecurity firm said hackers linked with the US National Security Agency (NSA) were found to have inserted “covert backdoors” that may have given them access to sensitive information in dozens of countries, including India, Russia, China and Japan. Among the reportedly compromised websites listed in the report were those linked to one of India’s top microbial research labs —the Institute of Microbial Technology (IMTech) under the Council of Scientific & Industrial Research — as well as the Indian Academy of Sciences in Bengaluru. In addition, websites linked to the Banaras Hindu University were also hacked into. The Beijing-based cybersecurity firm Pangu Lab released a technical report explaining how it had found the backdoors and attached it to “unique identifiers in the operating manuals of the NSA” that had come to light in the 2013 leak of NSA files by insiders.


In Case You Missed It

 

Shields Up: Preparing for Cyberattacks During Ukraine Crisis

SonicWall provides real-time protection against HermeticWiper malware and Conti ransomware expected during escalating conflict in Ukraine.

With the recent escalation of events in Ukraine and the resulting sanctions imposed by various Western administrations, there is a dramatically heightened risk of cyberattacks on organizations in the United States, Europe and elsewhere.

State-sponsored threat actors and other cybercriminals will be actively targeting the U.S. and other businesses in an attempt to interfere with their operations, steal or destroy data, and damage infrastructure.

Your organization needs to have a heightened sense of awareness and security during this crisis.

In January 2022, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued Alert (AA22-011A): Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure. CISA also began urging U.S. organizations to prepare for data-wiping malware attacks (more below).

At that time, the “Ukraine Cyber Police say they are investigating the use of Log4j vulnerabilities and stolen credentials as another means of access to the networks and servers,” according to Bleeping Computer.

On Feb. 18, CISA shared that the New Zealand National Cyber Security Centre (NCSC-NZ) released a General Security Advisory (GSA) on preparing for cyber threats relating to tensions between Russia and Ukraine.

CISA: Time to ‘Shields Up’

It is critical that you take preemptive measures in anticipation of a surge in cyberattacks targeting your business or organization. CISA has published ‘Shields Up,’ which is helpful guidance for organizations of all sizes and their leaders. Some of the steps detailed by CISA include:

  • Reduce the likelihood of a damaging cyber intrusion.
  • Take steps to detect a potential intrusion quickly.
  • Ensure your organization is prepared to respond if an intrusion occurs.
  • Maximize your organization’s resilience to a destructive cyber incident.

Other important steps can make a big difference in deterring and/or detecting attacks, such as setting robust inbound policies on your network perimeter (e.g., preemptively blocking connections or sign-ins originating from Russia or other risky nations) and otherwise taking a highly cautious approach to all inbound traffic, even if it means trading off some performance for security.

SonicWall strongly urges that your organization be in touch with your internal and external cybersecurity professionals and resources to ensure that you are as prepared as you can be for the inevitable increase in cyberattacks.

SonicWall also stresses the importance of layered defenses, like IPS, email security, two-factor authentication and real-time sandboxing, such as Capture ATP with RTDMI. With a defense-in-depth strategy in place, your organization will be better prepared to detect the impact of a zero-day attack or other targeted threats.

SonicWall Protections Against Notable Cyberattacks

Zero-day attacks are becoming a common threat. While they may exploit previously unknown weaknesses, defenders have the advantage of being able to detect anomalous activity in real time, and contain and recover before destructive zero-days disrupt your business or organization.

SonicWall actively protects organizations from cyberattack types known or feared to be used during the Ukraine-Russia conflict.

HermeticWiper Malware

SonicWall helps organizations proactively defend against emerging threats like HermeticWiper. For instance, SonicWall Capture ATP, with RTDMI, detected HermeticWiper, as documented in our SonicAlert, “HermeticWiper Data-Wiping Malware Targeting Ukrainian Organizations.”

HermeticWiper Malware Signature Protection

  • GAV: HermeticWiper.A (Trojan)
  • GAV: HermeticWiper.A_1 (Trojan)

Conti Ransomware

The Conti ransomware gang publicly announced that they would attack any organization that launched a cyberattack against Russian infrastructure. As such, it’s important that organizations have protection against Conti ransomware. Both SonicWall Capture ATP with RTDMI and active SonicWall firewalls with current signatures protect against Conti ransomware.

Conti Ransomware Signature Protection

  • GAV: Conti.RSM (Trojan)
  • GAV: Conti.RSM_2 (Trojan)
  • GAV: Conti.RSM_3 (Trojan)
  • GAV: Conti.RSM_4 (Trojan)
  • GAV: Conti.RSM_5 (Trojan)
  • GAV: Conti.RSM_6 (Trojan)

PartyTicket Ransomware

SonicWall Capture Labs analyzed the PartyTicket ransomware, believed to be deployed in conjunction with the aforementioned data-wiping HermeticWiper malware, in the SonicAlert, “A Look at PartyTicket Ransomware Targeting Ukrainian Systems.” The ransomware arrives as an executable Windows file, but overall appears to be unsophisticated ransomware created quickly to take advantage of the current climate.

SonicWall customers are protected from the PartyTicket ransomware variant via the below signature, as well as by real-time Capture ATP with RTDMI and Capture Client endpoint protection.

PartyTicket Ransomware Signature Protection

  • GAV: PartyTicket.RSM (Trojan)

For additional information, please visit sonicwall.com/support or the SonicWall Capture Labs Portal. You may also join discussions on the SonicWall Community.

Capture Client 3.7: Rapid Threat Hunting with Deep Visibility and Storylines

As a threat hunter, your main mission is to understand the behavior of your endpoints and to capture abnormal behavior with rapid mitigation actions. You need the ability to, with a single click, search your fleet for indicators such as those mapped by the MITRE ATT&CK framework. You also need the ability to automate threat hunts for known attacks according to your own criteria.

With SonicWall Capture Client’s new Storylines capability, you can do all this and more, faster than ever before. Let’s take a look.

What is a Storyline?

Capture Client’s Deep Visibility offers rapid threat hunting capabilities thanks to SentinelOne’s patented Storylines technology. Each autonomous agent builds a model of its endpoint infrastructure and real-time running behavior.

The Storyline ID is an ID given to a group of related events in this model. When you find an abnormal event that seems relevant, use the Storyline ID to quickly find all related processes, files, threads, events and other data with a single query.

With Storylines, Deep Visibility returns full, contextualized data — including context, relationships and activities — allowing you to swiftly understand the root cause behind a threat with one search.

The Storylines are continuously updated in real time as new telemetry data is ingested, providing a full picture of activity on an endpoint over time. This allows greater visibility, enables easy threat hunting and saves time.

Deep Visibility Comes with Ease of Use

Threat hunting in the Management console’s graphical user interface is powerful and intuitive. The Deep Visibility query language is based on a user-friendly SQL subset common to many other tools.

The interface assists in building the correct syntax by providing completion suggestions and a one-click command palette. This saves time and spares threat hunters — even those unfamiliar with the syntax — the pain of remembering how to construct queries.

A visual indicator shows whether the syntax is valid or not, eliminating time spent waiting for a bad query to return an error.

For example, users can search for a common “Living off the Land” technique by running a query across a 12-month period to return every process that added a net user:

Image describing common technique

(We also provide a great cheatsheet to rapidly power up your team’s threat hunting capabilities here.)

Use Case: Responding to Incidents

Suppose you’ve seen a report of a new Indicator of Compromise (IOC) in your threat intel feeds. Has your organization been exposed to it? With Storylines, you can quickly find out with a simple query across your environment. Here’s how:

In the Console’s Forensics view, copy the hash of the detection. In the Visibility view, begin typing in the query search field and select the appropriate hash algorithm from the command palette. Select or type =, then paste the hash to complete the query.

The results will show all endpoints that ever had the file installed. Constructing powerful, threat hunting queries is that simple, even for members of your team with little to no experience with SQL-style syntax.

Deep Visibility = Fast Results

Forget about using query time to grab a cup of coffee: Deep Visibility returns results lightning fast. And thanks to its Streaming mode, you can preview the results of subqueries before the complete query is done.

Deep Visibility query results show detailed information from all your endpoints, displaying attributes like path, Process ID, True Context ID and much more.

With Deep Visibility, you can consume the data earlier, filter the data more easily, pivot for new drill-down queries, and understand the overall story much more quickly than with other EDR products.

Quicker Query of MITRE Behavioral Indicators

Deep Visibility makes hunting for MITRE ATT&CK TTPs fast and painless. It’s as easy as entering the MITRE ID.

For example, you could search your entire fleet for any process or event with behavioral characteristics of process injection with one simple query:

IndicatorDescription Contains "T1055"

There’s no need to form separate queries for different platforms. With Deep Visibility, a single query will return results from all your endpoints regardless of whether they are running Windows, Linux or macOS.
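The two hunts described above (hash IOC, then pivot on the Storyline ID; and a fleet-wide search on a MITRE ID) can be modelled offline. This Python is an added example, not SonicWall or SentinelOne code and not Deep Visibility syntax: the record fields, endpoint names and hash are constructed, and it assumes a Storyline ID is only meaningful together with the endpoint whose agent assigned it.

```python
from collections import defaultdict

# Constructed placeholder hash, not a real indicator of compromise.
IOC_SHA256 = "ab" * 32


def _ev(t, endpoint, os_name, storyline, kind, name, sha256, indicator=""):
    """Build one telemetry record. Field names are hypothetical."""
    return {"t": t, "endpoint": endpoint, "os": os_name,
            "storyline_id": storyline, "type": kind, "name": name,
            "sha256": sha256, "indicator": indicator}


# Constructed sample telemetry from three endpoints.
EVENTS = [
    _ev(1, "ws-014", "windows", "S-1001", "process", "winword.exe", "11" * 32),
    _ev(2, "ws-014", "windows", "S-1001", "file", "dropper.exe", IOC_SHA256),
    _ev(3, "ws-014", "windows", "S-1001", "process", "dropper.exe", IOC_SHA256,
        "T1055 process injection into explorer.exe"),
    _ev(4, "ws-014", "windows", "S-2002", "process", "chrome.exe", "22" * 32),
    # Same Storyline ID string on a different endpoint: must not be merged.
    _ev(5, "srv-lnx-3", "linux", "S-1001", "process", "cron", "33" * 32),
    _ev(6, "mac-007", "macos", "S-3003", "process", "updater", IOC_SHA256),
    _ev(7, "srv-lnx-3", "linux", "S-4004", "process", "gdb-helper", "44" * 32,
        "T1055.008 ptrace system calls"),
]


def _norm(h):
    # Threat feeds often deliver hashes upper-cased or with stray whitespace.
    return h.strip().lower()


def endpoints_with_hash(events, sha256):
    """Exposure check: which endpoints ever recorded this file hash?"""
    want = _norm(sha256)
    return sorted({e["endpoint"] for e in events if _norm(e["sha256"]) == want})


def storylines_for_hash(events, sha256):
    """Pivot keys: (endpoint, storyline_id) pairs that contain the hash."""
    want = _norm(sha256)
    return {(e["endpoint"], e["storyline_id"])
            for e in events if _norm(e["sha256"]) == want}


def expand_storylines(events, keys):
    """Return every event in the given storylines, in time order."""
    grouped = defaultdict(list)
    for e in sorted(events, key=lambda e: e["t"]):
        key = (e["endpoint"], e["storyline_id"])
        if key in keys:
            grouped[key].append(e)
    return dict(grouped)


def technique_hits(events, technique_id):
    """Substring match on the indicator text, like Contains "T1055"."""
    needle = technique_id.upper()
    return [e for e in events if needle in e["indicator"].upper()]


if __name__ == "__main__":
    print("exposed:", endpoints_with_hash(EVENTS, IOC_SHA256))
    keys = storylines_for_hash(EVENTS, IOC_SHA256)
    for key, evs in expand_storylines(EVENTS, keys).items():
        print(key, [(e["type"], e["name"]) for e in evs])
    print("T1055:", [(e["endpoint"], e["os"]) for e in technique_hits(EVENTS, "T1055")])
```

Expanding the storyline surfaces winword.exe as the parent activity even though its own hash is benign, which is the context a hash-only search would miss.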

Stay Ahead with Automated Hunts

Deep Visibility is designed to lighten the load on your team in every way, including giving you tools such as Watchlist, which allows you to set up and run custom threat hunting searches on your own schedule.

Creating a Watchlist is simplicity itself. In the Visibility view of the Management console, run your query. Then, click “Save new set,” choose a name for the Watchlist, and choose who should be notified. That’s it. The threat hunt will run across your environment at the specified timing interval and the recipients will receive alerts of all results.

With Storyline Automated Response (STAR) Custom Rules, you can save Deep Visibility queries or define new ones, let the queries run periodically and get notifications when a query returns results. This helps ensure your organization is secure regardless of whether you or your team are on duty.

Deep Insight at Every Level

Deep Visibility is built for granularity, allowing you to drill down on any piece of information from a query result.

Each column shows an alphabetical, filterable list of the matching items. Expanding the cell displays details; for most of these details, you can open a submenu and drill down even further. Or just use the selected details to run a new query.

Conclusion

As detailed in the 2022 SonicWall Cyber Threat Report, attacks of all types are on the rise. So it’s never been more important to proactively hunt for threats and find suspicious behaviors in their early stages — or to ensure your SOC has the tools to be as agile and efficient as possible.

SentinelOne’s Deep Visibility capabilities are available with Capture Client Premier. Click here for a free trial of Capture Client to see how Deep Visibility’s ease of use, speed and context can greatly improve your mean-time-to-detection and free up your analysts’ time.

Cybersecurity News & Trends

Lots of big news today. SonicWall’s upcoming Boundless 2022 global virtual event continues to rack up record registrations. See the video here and visit this page to register. Then there’s the release of the 2022 SonicWall Cyber Threat Report, which had the best first-day launch in its history. Attention garnered by the annual report toppled all previous company records. In industry news, turmoil in Ukraine ratchets up cyber threat fears, Iranians targeting VMWare, hackers targeting US defense contractors, hackers breaking into Microsoft Teams, and much more.


SonicWall News

There’s A Huge Surge In Hackers Holding Data For Ransom

Fortune Magazine: Governments worldwide saw a 1,885% increase in ransomware attacks, and the health care industry faced a 755% increase in those attacks in 2021, according to the 2022 Cyber Threat Report released Thursday by SonicWall, an internet cybersecurity company. According to the report, ransomware also rose 104% in North America, just under the 105% average increase worldwide.

Britain Should Never Seek A ‘Special Relationship’ With The EU, Says Lord Frost

The Telegraph (UK): UK ransomware climbed by 227 percent last year, the just-published SonicWall Threat Report also shows, while attempted cyberattacks also reached a record high.

SonicWall CEO On Ransomware: Every Good Vendor Was Hit In Past 2 Years

The Register: Public and private sectors are under attack as malware evolution accelerates. SonicWall’s annual cyber-threat report shows ransomware-spreading miscreants are making hay and getting quicker at doing so.

Why The Cloud Is A No-Brainer For Startups

Maddyness (UK): The global spike in ransomware due to the pandemic is alarming; according to the SonicWall Cyber Threat Report, there has been a 62% increase in ransomware globally.

Report Finds IoT Malware Attacks Targeting Routers On The Rise

CEPro: Research by SonicWall finds that ransomware attacks more than doubled last year, but IoT malware threats and cybersecurity attacks also continued to climb, hitting 60.1 million such attacks in 2021, the highest number ever recorded by the company in a single year.

Ransomware Attacks Surged 2X In 2021, SonicWall Reports

Venture Beat: New data released today by cybersecurity vendor SonicWall reveals that the total number of ransomware attacks more than doubled in 2021 — jumping 105% during the year compared to 2020.

SonicWall: Ransomware Attacks Increased 105% In 2021

TechTarget: Researchers at SonicWall said in the company’s annual threat report that ransomware attacks have grown by an eye-watering 105% over the last year, with 20 attacks being attempted every second.

Cybercriminals Target Retail With 264% Surge in Attacks

Charged Retail Tech News (UK): Cybercriminals have targeted the retail sector over the past 12 months, with a 264% surge in ransomware attacks on eCommerce and online retail businesses.

Over 620 million Ransomware Attacks Detected in 2021

InfoSecurity: According to SonicWall, corporate IT teams were faced with a triple-digit (105%) growth in ransomware attacks last year to over 623 million.

Threat Actor Adds New Marlin Backdoor to Its Arsenal

InfoRisk (UK): The massive amount of malware strains that cybercriminals can leverage today enables them to “concoct new cocktails capable of thwarting both past and present security systems,” Bill Conner, CEO and president of cybersecurity firm SonicWall, says.

Crypto Crime: UK ‘Crypto Jacking’ Attacks Jump 564 Percent in One Year

City AM (UK): Global ransomware attacks doubled to 623m incidents in 2021, with some 91.7m crypto-jacking incidents taking place, up by almost a fifth compared to the previous year, according to a new report from cyber security company SonicWall.

Ransomware Attacks More Than Doubled Last Year

ZDNet: According to an analysis by cybersecurity researchers at SonicWall, the volume of attempted ransomware attacks targeting their customers rose by 105% in 2021 to a total of 623.3 million attempted incidents throughout the year.

Ransomware Data Leaks Saw Major Surge In 2021

ITProPortal: A separate report from SonicWall said that, for the first three quarters of 2021, attempted ransomware attacks grew 148 percent, year-on-year. At the same time, the average ransom demand rose 36 percent to $6.1 million.

Report: Pretty Much Every Type Of Cyberattack Increased In 2021

Planet Storyline: SonicWall’s 2022 Cyber Threat Report has come to some alarming, but likely unsurprising, conclusions: Pretty much every category of cyberattack increased in volume throughout 2021.

Ransomware Attacks Surged 2X In 2021, SonicWall Reports

TECHIO: In the latest indicator of just how severe the ransomware problem became last year, new data released today by cybersecurity vendor SonicWall reveals that the total number of ransomware attacks more than doubled in 2021 – jumping 105% during the year compared to 2020.

Cyberattacks Increased In 2021

TechRepublic: The only category to decrease was malware attacks, but SonicWall said in its report that even that number was deceptive.

Ransomware Attacks Increase 105% In 2021, SonicWall Report Finds

TechDecisions: SonicWall’s Cyber Threat Report reveals that ransomware volume has exploded over the last two years, rising 232% since 2019.

Breaking Comments On Red Cross Cyber Attack

Information Security Buzz: It’s been confirmed the Red Cross cyber attack was the work of nation-state actors. SonicWall’s latest report, released today, confirms this is not a standalone development, revealing increases of 1,885% and 755% in ransomware attacks on the global government and healthcare sectors, respectively.

Ransomware Attacks Are Rising at An Unprecedented Rate

HotHardware: The ransomware threat is rising at an alarming rate, and a new report by SonicWall fleshes out the picture. 2020 alone saw 304 million ransomware attacks. As if that wasn’t enough, the doubling of ransomware attacks in 2021 over 2020 amounts to a total of 623 million ransomware attacks globally in 2021. Together, these two years represent a 232% rise in the volume of ransomware attacks since 2019.

SonicWall Research: Hackers Attempted 623M Ransomware Attacks in 2021

MSSP Alert: Nearly all monitored threats, cyberattacks and malicious digital assaults increased in 2021, according to the 2022 SonicWall Cyber Threat Report.

Healthcare Sector Saw The Largest Increase In IoT Malware Attacks In 2021

SCMagazine: The healthcare sector saw the largest increase in target IoT malware attacks in 2021, according to the latest annual SonicWall Cyber Threat Report. Compiled from data collected from 1.1 million global sources, researchers saw a 71% increase in IoT malware against healthcare clients.

105% Increase Seen in Global Ransomware Attacks, Reports SonicWall

ReadITQuik: The 2022 SonicWall Cyber Threat Report is now out, announced SonicWall. The report identified a 167% year-over-year increase in encrypted threats, a 6% volume rise in IoT malware, totaling 60.1 million hits by year’s end, as well as a ransomware volume rise of 232% since 2019.

SonicWall Releases New Cyber Threat Report 2022

Infopoint Security (De): SonicWall today released their annual Cyber Threat Report for 2022. As the bi-annual report shows, ransomware attacks have increased significantly, with 623.3 million attacks worldwide.

Alarming Rise in Ransomware And Malicious Cyberattacks, With Threats Doubling In 2021

AAS (De): Over 623 million ransomware attacks worldwide – a whopping 105% increase + ransomware attacks up 232% since 2019 + ransomware up a whopping 98% in US and UK respectively.

Industry News

US Companies Warned to Prepare for Russian Cyber Attacks

Defense One: US companies, particularly in the defense industry, should be prepared for an increase in cyberattacks aimed at stealing data or disrupting operations due to new aggressive Russian activity aimed at Ukraine, a top Department of Justice official said on Thursday. The remarks come one day after a recent alert from the FBI, National Security Agency, and the Cybersecurity and Infrastructure Security Agency, or CISA, warning that Russian hackers had hit defense contractors and were likely to continue their attempts.

Ukraine Cyberattack Is Largest of Its Kind In Country’s History, Says Official

CNN: A high-volume cyberattack that temporarily blocked access to the websites of Ukrainian defense agencies and banks on Tuesday was “the largest [such attack] in the history of Ukraine,” according to a government minister. Speaking at a press conference Wednesday, Ukrainian Minister of Digital Transformation Mykhailo Fedorov added that it is too early to tell who was responsible for the attack. However, officials said the distributed denial of service (DDoS) attack, which bombarded Ukrainian websites with phony traffic, was coordinated and well planned.

Iranian Hackers Targeting VMware Horizon Log4j Flaws to Deploy Ransomware

The Hacker News: A “potentially destructive actor” aligned with the government of Iran is actively exploiting the well-known Log4j vulnerability to infect unpatched VMware Horizon servers with ransomware. Cybersecurity firm SentinelOne dubbed the group “TunnelVision” owing to their heavy reliance on tunneling tools, with tactics that overlap those of a broader group tracked under the moniker Phosphorus, as well as Charming Kitten and Nemesis Kitten.

Russian Hackers Have Targeted Defense Contractors to Steal Sensitive Data

Gizmodo: US Intelligence authorities say that a multi-year hacking campaign has resulted in sensitive IT information being stolen from Pentagon-linked defense contractors and subcontractors. According to the report, the goal is to steal sensitive data and information using spear phishing, brute force attacks, credential harvesting, and other typical intrusion techniques. The purpose of the hacking campaigns appears to have been to acquire “sensitive information” about things like US weapons and missile development, intelligence, surveillance, and reconnaissance capabilities, vehicle and aircraft design, and command, control, and communications systems, officials said.

Hackers Circulate Malware by Breaking Into Microsoft Teams Meetings

PC Magazine: Hackers have been spotted infiltrating Microsoft Teams meetings to circulate malware to unsuspecting users. Last month, email security provider Avanan noticed the attacks, which involve hackers dropping malicious executable files on Microsoft Teams through in-session chats. “Avanan has seen thousands of these attacks per month,” the company warned in a Thursday report. The hackers are likely infiltrating Microsoft Teams after first compromising an email account belonging to an employee. The email account can then be used to access Teams meetings at their company. The attacks were also reported by Bleeping Computer. If you are one of the 270 million people who use Microsoft Teams every day, it may be time to make sure your account is locked down. Part of the onus here does fall on Microsoft, too. Teams isn’t precisely feature-rich when it comes to security and scanning files for malicious content. The ability for guests and other temporary users to share files also poses a security risk, though that isn’t necessarily how the hackers spread this particular malware.


In Case You Missed It

2021 Threat Intelligence Shows Attacks Rising Across the Board

While the world continued to grapple with the challenges of 2020 — such as the ongoing COVID-19 pandemic and the shift to remote work — cybercriminals were building on what they learned that year to become more adaptable and formidable in 2021.

But as cybercriminals followed the moves of an ever-changing world, SonicWall Capture Labs threat researchers followed the movement of cybercriminals, recording where they attacked, who they targeted and what sorts of new techniques they developed. By compiling these findings into the 2022 SonicWall Cyber Threat Report, we’re offering organizations the actionable threat intelligence they need to combat the rising tide of cybercrime.

“It’s imperative to understand the skill set of bad actors to ultimately thwart their increasingly sophisticated and targeted attacks,” SonicWall President and CEO Bill Conner said. “The 2022 SonicWall Cyber Threat Report shines a spotlight on the growing plague of ransomware and other attempts of digital extortion.”

Here are a few of the key findings from the report:

Ransomware

In 2021, SonicWall Capture Labs Threat Researchers recorded 623.2 million ransomware attempts globally, an increase of 105% year over year. This increase was fueled by large volumes of Ryuk, SamSam and Cerber attacks, which together made up 62% of the total ransomware volume.

While the growth in ransomware was unusually aggressive, so were many of the techniques ransomware gangs used to separate legitimate organizations from their money. Double extortion continued to grow in 2021, and terrifying new triple extortion techniques began taking hold as well. Supply-chain attacks and attacks on vital infrastructure also increased, putting pressure on lawmaking bodies around the world to unify against ransomware’s growing threats.

Malware

As attacks of nearly every type have grown over the past couple of years, we’ve been able to count on one silver lining: “Well, at least malware volume is down.” A look at the data for 2021, however, shows signs that this sustained fall may soon be coming to an end.

While malware was still down 4% year-over-year, this is the smallest percentage drop we’ve seen in some time, with a rebound in the second half almost completely erasing the 22% drop recorded for the first half. Moreover, malware didn’t fall everywhere: the UK and India saw increases of 48% and 41% respectively.

Log4j Exploits

From Dec. 11, 2021, through Jan. 31, 2022, SonicWall Capture Labs Threat Researchers logged 142.2 million Log4j exploit attempts — an average of 2.7 million attempts each day. The data shows threat actors pivoting to attack these vulnerabilities at an alarming rate, with large numbers of attempts continuing to this day.

(As a reminder, SonicWall has released a number of signatures to help protect customers against Log4j exploit attempts — if you haven’t yet patched your organization’s internal systems against these vulnerabilities, we strongly urge you to do so.)

Capture ATP and RTDMI

In 2021, SonicWall Capture Advanced Threat Protection (ATP) with Real-Time Deep Memory Inspection (RTDMI)™ became the only solution in ICSA Labs Advanced Threat Defense (ATD) certification history to earn four straight perfect scores, all without a single false positive.

SonicWall’s data on the evolution of Capture ATP and RTDMI shed some light on how we accomplished this feat. In 2021, RTDMI identified 442,151 never-before-seen malware variants, an increase of 65% year over year and an average of 1,221 per day.

Cryptojacking

Given 2021’s record-high cryptocurrency prices, not even mining crackdowns and increased federal scrutiny were enough to keep cryptojacking down. SonicWall Capture Labs threat researchers recorded a 19% year-over-year increase in cryptojacking, amounting to an average of 338 attempts per customer network.

Break Free with SonicWall Boundless 2022

SonicWall is proud to announce Boundless 2022, a worldwide virtual event, Feb. 23 & 24, connecting SonicWall partners with our elite innovators, experts, leaders and special guests. Join us for our largest partner event of the year, offering access to executives, global thinkers in cybersecurity, partner-focused content and the very latest updates on our technology vision.

With cyber threats of almost all types on the rise, the work of cybersecurity professionals has never been more important and potentially more rewarding. Threat vectors have widened so much that the daily battle of keeping our hybrid networks safe now includes securing infinite endpoints buried within multi-variable environments.

We’ve never lost sight of the fact that our partners are on the frontlines doing this hard work every day. Boundless 2022 is SonicWall’s opportunity to huddle with our partners and engage our mutual futures.

We’ve learned a lot, and it’s time to share.

Boundless 2022: A Virtual, Multi-Lingual Experience

Created and produced exclusively for SonicWall partners, we offer unparalleled content, insight, and expert analysis to help you succeed in 2022 and beyond. This year, we are running three regional events to ensure that partners can attend sessions in their time zone. Presentations will be available in multiple languages including English, Portuguese, Spanish, French, German and Italian.

Boundless 2022 offers:

  • Engaging and Informative Keynotes
  • Special Celebrity Guests Penn & Teller
  • Executive Leadership Sessions
  • Threat Landscape Update
  • Product Innovation Insights
  • Regional Partner Breakouts

Hosted by Celebrity Guests Penn & Teller

Boundless 2022’s entertainment comes from the renowned magic team, Penn & Teller, which complements the theme of our partner-focused event.

The legendary magicians have made a long career cutting the magic rulebook in half (they’ve also burned it, boiled it, made it vanish several times). They surprised audiences with their comedy and shocked the performing community with their fun and unabashed approach to presenting, while revealing secrets of stage magic as part of the entertainment.

Similarly, SonicWall seeks to empower its partners to break away from constrained security methodology toward unbound techniques with faster and more cost-effective technology. And like Penn & Teller, we’re removing the shroud of mystery and offering detailed and frank discussions from cybersecurity thought-leaders and SonicWall executives.

PLUS Penn & Teller ask that attendees bring along a deck of cards to the live virtual event so that they may participate in a live magic trick.

Join Us in Your Time Zone and in Your Language

Boundless 2022 registration is now open. Visit the Boundless 2022 website to reserve your virtual seat today!

To learn more about SonicWall and Boundless 2022, please visit www.Boundless2022.com.

Cybersecurity News & Trends

SonicWall’s Boundless 2022 global virtual partner event, scheduled for Feb. 23 & 24, is experiencing record registration. See the promotional video HERE and visit this page to register. In general news, the Feds arrest a New York couple for trying to launder $3.5 billion in cryptocurrency and the email that we all received from Equifax (and since deleted) was not a hoax. In other news, Georgia voter registration data is breached, a Nintendo Switch hacker gets more than 3 years in prison and a $14 million bill, and ModifiedElephant has been planting fake digital evidence that gets activists and dissidents arrested.


SonicWall News

Record Registrations for Boundless 2022 Global Virtual Partner Experience

SonicWall is seeing record registration for the Boundless 2022 Virtual Partner Conference. Created exclusively for SonicWall partners, the event will offer unparalleled content, insight, and expert analysis. Presentations will be offered for three time zone schedules and in six partner languages: English, Portuguese, Spanish, French, German and Italian. See the promotional video here. This year, the event will feature an appearance from a renowned magic team, Penn & Teller. The event is scheduled for Feb. 23 & 24. Visit this page to register.

Industry News

Feds Arrest a New York Couple and Seize $3.6 Billion In Stolen Cryptocurrency

CNN: A New York couple has been arrested and charged with conspiring to launder $4.5 billion in stolen cryptocurrency funds. Law enforcement officials have seized $3.6 billion of those funds in what US Deputy Attorney General Lisa Monaco called “the department’s largest financial seizure ever.” Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31, are accused of laundering money taken in a massive hack of cryptocurrency exchange Bitfinex in 2016.

Vodafone Portugal Hit by Hackers, Says No Client Data Breach

Reuters: Vodafone’s Portuguese unit said on Tuesday a hacker attack overnight had disrupted its services but assured its customers that their data had not been compromised because of the incident, which is under investigation. Vodafone Portugal reported that its system faced technical problems on Monday evening, with thousands of customers saying they could not make calls or access the internet on their phones or computers. It later discovered the technical issues were caused by what it described as a “deliberate and malicious” cyber attack.

No, that email from Equifax was not a scam.

Washington Post: As part of a settlement package for a massive data breach in 2017, just about everyone is entitled to free credit monitoring for four years. Equifax announced a massive breach had exposed the personal information of approximately 147 million people. At the time, the company said hackers exploited a “website application vulnerability.” People’s names, Social Security numbers, birth dates, addresses (and in some instances driver’s license numbers, credit card numbers and other personal information) were compromised, putting millions of folks at risk of identity theft and other fraudulent activity. In a 2019 complaint, the Federal Trade Commission alleged that Equifax had failed to patch its network after being alerted to the security vulnerability. Equifax, without admitting guilt, agreed that year to a settlement with the FTC, the Consumer Financial Protection Bureau and 50 states and territories. Part of that settlement was providing credit monitoring. But critics say the settlement doesn’t go far enough, given the damage the breach caused in facilitating the vast number of phishing messages everyone has been receiving since the breach, and the resulting cadence of breaches and ransomware cases.

Amazon Closes Exposed Flexbooker Bucket After December Data Breach

ZDNet: Digital scheduling platform FlexBooker has been accused of exposing the sensitive data of millions of customers, according to security researchers at vpnMentor. The researchers said the Ohio-based tech company used an AWS S3 bucket to store data but did not implement any security measures, leaving the contents totally exposed and easily accessible to anyone with a web browser. The 19 million exposed files included full names, email addresses, phone numbers and appointment details.

Data Breach Exposes Georgia Voters’ Registration Information

The Hill: Voting software company EasyVote Solutions said Tuesday that it experienced a data breach on Jan. 31, resulting in some Georgia voters’ registration information being shared on the internet. No Social Security numbers or driver’s license numbers were shared online. However, hackers collected public information such as names, addresses, races and birthdates and shared it online. EasyVote offers services that simplify the check-in process for voters in many Georgia counties, including Fulton, Oconee and Paulding.

Switch Hacker Given +3-year Sentence and Owes Nintendo $14.5M

GeekWire: One member of the Team Xecuter hacker group has been sentenced to 40 months behind bars and a $14.5 million bill for his role in his group’s creation and sale of tools used to pirate video games for the Nintendo Switch. The hacker, Gary W. “GaryOPA” Bowser, was initially indicted in Seattle in August 2020 alongside Max “MAXiMiLiEN” Louarn and Yuanning Chen. Bowser shares his name with the traditional antagonist of the Super Mario Bros. game and current Nintendo of America president Doug Bowser but they are not related. The hackers created modification devices and specialized hardware for use with various video game consoles to modify and occasionally “jailbreak” them. The group had been active in the game modification space since at least 2013, producing mod tools for Nintendo systems including the original PlayStation, Xbox, and Xbox 360.

FBI Issues Alert for LockBit 2.0 Ransomware Group, Enlist Public for Help

SC Media: Because security professionals needed something else to keep them occupied, the LockBit ransomware campaign is back for round two. This is another ransomware campaign run in the as-a-Service pattern — RaaS. LockBit 2 has caught enough attention that the FBI has published a FLASH message about it. The alert also seeks to enlist the public’s help for information like boundary logs showing communications with foreign IP addresses, sample ransom notes, contacts with threat actors, Bitcoin wallet information, decryptor files and samples of encrypted files.

Researchers Found Zimbra Zero-Day XSS Vulnerability Under Attack

LatestHackingNews (LHN): Researchers from Volexity shared their findings on the active exploitation of a Zimbra zero-day. They observed that the threat actors exploit the flaw in spear-phishing campaigns. Upon analyzing one such phishing email, they noticed the attempt to exploit an XSS zero-day bug in the Zimbra email platform. Zimbra is an open-source web email platform frequently used as a substitute for Microsoft Exchange, which makes it a lucrative target for threat actors. In the malicious campaign that Volexity spotted, the attackers executed the attack in two phases. In the first phase, the attackers aim at assessing the success rate of the phishing attack. At this point, the attackers merely wish to observe whether the target user opens the phishing email or not. Then, in the second phase, the attackers change the phishing email’s design to make it more appealing for the target user to open.

Hackers Planted Fake Digital Evidence on Devices of Indian Activists and Lawyers

Hacker News and Washington Post: A previously unknown hacking group has been linked to targeted attacks against human rights activists, human rights defenders, academics, and lawyers across India to plant “incriminating digital evidence.” Cybersecurity firm SentinelOne attributed the intrusions to a group it tracks as “ModifiedElephant,” an elusive threat actor that’s been operational since at least 2012, whose activity aligns sharply with Indian state interests. According to reports, the primary goal of ModifiedElephant is to facilitate long-term surveillance of targeted individuals, ultimately leading to the delivery of “evidence” on the victims’ compromised systems to frame and incarcerate vulnerable opponents. As reported by the Washington Post, an Indian activist charged with terrorism was previously targeted by hackers linked to prominent cyber espionage attacks, who may have planted fake digital evidence on his devices. The report was based on an investigation conducted by SentinelOne, which helped shed light on what amounted to a concerted, nearly decade-long effort to surveil a group of dissidents. It also offers new clues about the connections between groups that cybersecurity experts have observed targeting foreign adversaries and domestic critics.


In Case You Missed It

SonicWall’s Bob VanKirk, HoJin Kim & David Bankemper Earn 2022 CRN Channel Chief Recognition

SonicWall is thrilled to share that CRN has named three of its sales leaders to the 2022 Channel Chiefs list: Bob VanKirk, HoJin Kim and David Bankemper. CRN’s annual Channel Chiefs project identifies top IT channel vendor executives who continually demonstrate expertise, influence and innovation in channel leadership.

“CRN’s 2022 Channel Chiefs recognition is given exclusively to the foremost channel executives who consistently design, promote, and execute effective partner programs and strategies,” said Blaine Raddon, CEO of The Channel Company. “We’re thrilled to recognize the tireless work and unwavering commitment these honorees put into fostering outstanding business innovation and building strong partner programs to drive channel engagement and success.”

As Chief Revenue Officer for SonicWall, Bob VanKirk is responsible for driving top-line sales across SonicWall’s global distribution network and oversees the teams, strategy and execution related to SonicWall’s global partner success.

HoJin Kim, Vice President, Worldwide Channels for SonicWall, is responsible for driving the development of SonicWall’s global channel efforts. He leads the implementation of the company’s modern channel strategy to build a sustainable competitive advantage for SonicWall’s partners.

David Bankemper is the Senior Director, Channel Sales for SonicWall and has helped to guide continued investment in and adoption of SonicWall’s MSSP program. David is also responsible for ensuring that SonicWall’s channel partners have the products, tools, incentives and training to profitably deliver cost-effective solutions to their customers.

“It is an amazing feat to have three employees from the same organization recognized by CRN as Channel Chief honorees,” said SonicWall President and CEO Bill Conner. “SonicWall is proud to be a 100% channel company and having three people recognized speaks to the caliber of program SonicWall has built over its 30-year existence.”

The 2022 Channel Chiefs are prominent leaders who have influenced the IT channel with cutting-edge strategies, programs and partnerships. All honorees are selected by CRN’s editorial staff based on their dedication, industry prestige, and exceptional accomplishments as channel advocates. SonicWall has been consistently included in recent CRN awards including Executive of the Year, Women of the Channel and Channel Chief and Rising Female Stars.

CRN’s 2022 Channel Chiefs list will be featured in the February 2022 issue of CRN Magazine and online at www.CRN.com/ChannelChiefs.

Cybersecurity News & Trends

There’s an extraordinarily strong turnout for SonicWall’s upcoming Boundless 2022 global virtual partner experience. SonicWall is also attracting attention for the recent launch of Gen 7 Next Generation Firewalls (NGFWs). In industry news, the US and Europe brace for cyber-attacks in the shadow of the Ukraine crisis, News Corp is hit by the “China Nexus,” a one-man attack team crashes North Korea’s internet, and the drop in breaches in 2020 “doesn’t reflect reality.”


SonicWall News

Strong Turnout for Boundless 2022 – The Global Virtual Partner Experience

SonicWall is seeing an extraordinarily strong registration turnout for its recently unveiled Boundless 2022, its virtual international marquee partner event. The annual event allows partners to hear first-hand about SonicWall’s technology vision and product investments, and gain a deeper understanding of the company’s customer commitments from executives. This year, the event will also feature appearances from a legendary celebrity duo. The event is scheduled for Feb. 23 & 24. Visit this page for registration.

DCC launches SonicWall Gen 7 firewall appliances – taking the fight against cyber attacks

ITWeb: Official SonicWall distributor Drive Control Corporation (DCC) has announced the immediate availability of the newest additions to the company’s high-performance firewall offering, the Generation 7 Network Security platform services (NSsp) and Network Security Appliance (NSa) series.

SonicWall Answers the Call with New NGFWs

ARN-IDG: The big news is that SonicWall recently launched 17 new Gen-7 NGFWs in less than 18 months. So, whether you’re a small business or a large enterprise in your home or the cloud, you’ll benefit from the NGFWs that offer security, control, and visibility for an effective cybersecurity posture.

Industry News

Brace for Russian Cyber Attacks as Ukraine Crisis Continues

Reuters, CNN, New York Times: Britain’s National Cyber Security Centre (NCSC), a part of the GCHQ eavesdropping intelligence agency, warned large organizations (enterprises, service providers) to bolster their cyber security resilience amid the deepening tensions over Ukraine. The consensus among cybersecurity advisors points to a long-term struggle between established industrialized democracies versus rising rivals such as China and Russia. The target is the post-Cold War era where military, technology and economic dominance is to be thoroughly challenged. Some observers, including the US and Europe, believe that attackers who hit Ukrainian government websites earlier this month left the chilling warning, “be afraid and expect the worst.” The message, they say, was aimed at the west. According to CNN, the FBI asks US businesses to report an uptick in Russian hacking threats — the latest effort to prepare for potential Russian cyberattacks on US organizations amid Russia’s troop buildup on Ukraine’s border. New York Times reported that the US dispatched cybersecurity experts to NATO to prepare allies to deter, and perhaps disrupt, Russian cyberattacks on Ukraine and brace for the possibility that sanctions on Moscow could lead to a wave of retaliatory cyberattacks on Europe and the United States.

News Corp hit by cyberattack with suspected link to China

The Hill: News Corp. said Friday it was the victim of a cyberattack likely to benefit the Chinese government and that the intrusion targeted its businesses, including the New York Post, Dow Jones and others. The company detailed the scope of the attack in an email to employees and listed it on a filing with the Securities and Exchange Commission (SEC), where the company said a preliminary analysis pointed to a foreign government targeting one of its third-party, cloud-based systems. The cybersecurity firm Mandiant, investigating the attack, said that assessments point to a “China nexus.”

Oil terminals disrupted after European ports hit by cyberattack

Euronews: Port facilities in Belgium, Germany, and the Netherlands have been targeted by a large-scale cyberattack, authorities say. Officials say the hack began several days ago and has primarily disrupted operations at oil terminals, preventing tankers from delivering energy supplies. In addition, German judicial authorities say they have launched an investigation into suspected “extortion” of oil operators amid soaring energy prices. The cyberattack hit Hamburg — a significant port city in northern Germany — and at least six oil terminals in Belgium and the Netherlands.

How a US hacker took down North Korea’s internet in a revenge cyber-attack

WION: The blame for North Korea’s persistent internet failures does not lie with the United States Cyber Command or any other state-sponsored hacker organization. It was the work of an American man, who sat in his living room night after night, watching Alien movies and munching on spicy corn snacks — while working on a personal project. The project involved periodically walking over to his home office to check on the progress of the programs he was running to disrupt an entire country’s internet. North Korean spies hacked an independent hacker who goes by the handle P4x just over a year ago.

Apple says antitrust bills could cause ‘millions of Americans’ to suffer malware attacks

CNBC: Apple warned lawmakers on Tuesday that antitrust bills being considered in the Senate would increase the risk of security breaches for iPhone users. The reason, Apple explains, is that they may be forced to allow “sideloading” — a process where users can download apps outside the App Store. Apple’s pushback reflects growing concern from the iPhone maker about the American Innovation and Choice Online Act and the Open App Markets Act, both of which are scheduled to be considered this week.

Data breach numbers may not be declining, but reporting them is getting slower

TechRepublic: A study released by Flashpoint and Risk-Based Security found two startling facts: Its report of a drop in the total number of breaches is likely erroneous, and the time it takes for an organization to report a breach has increased to the highest levels since 2014. Much of what Flashpoint and RBS found was similar to other reports on the topic: Healthcare was a leading target, ransomware is more popular than ever, and billions of records were stolen. One of the more interesting data points that the report covers is its reported 5% drop in the total number of breaches between 2020 and 2021, which analysts say doesn’t reflect reality. In fact, as reported by the NASDAQ news division, the number of data breaches at corporations was up more than 68% in 2021, beating the previous record, set in 2017, by 23% according to the 16th annual Data Breach Report conducted by the Identity Theft Resource Center located in El Cajon, CA.


In Case You Missed It

Don’t Let Global Supply Chain Issues Impact Your Security

Switch to SonicWall and secure your environment today without supply chain delays.

Every so often, we get clear examples of why it pays to be prepared. But, as the pandemic continues to impact the global workforce, it also reveals how interconnected and fragile the global supply chain can be.

A recent survey found that 75% of companies have had negative or strongly negative impacts on their businesses due to disruption from the COVID-19 pandemic. Especially vulnerable and consequential in this tale has been the computer chips shortage and its effect on security vendors. Many firms do not have the product in their inventory to meet their customers’ demands. To remedy these problems, vendors are trying many approaches, ranging from delaying upgrades, upselling more expensive products, cutting functionalities to outright EOL-ing (End-Of-Life) some products.

In the pantheon of cybersecurity, such delays can be catastrophic. As ransomware gangs roam global networks seemingly unopposed, shortages and supply disruptions impose a full range of unpleasant experiences, from uncertainty to total disruption of their network security expansion plans. The situation is increasingly problematic as delays expose networks to unnecessary risk as attackers take advantage of known and fixable gaps in security. Network managers understand, but who can blame them for seeking out more reliable sources?

Not all Security Vendors Are Impacted Equally by Shortages

The fact is, not all security vendors are impacted at the same level. Some had the foresight to manage the situation, mitigating the risk and effect of global shortages and delays. For SonicWall, we got busy working diligently to minimize disruptions and maintain a robust product supply. At the earliest signs of shortages, we started working with our partners to strategically manage our supply positions. Collaborating diligently with our suppliers, we identified crucial parts and increased our supply in anticipation of a strong rebound. As a result, SonicWall is fulfilling 95% of orders within three days of receiving them.

Benjamin Franklin wrote, “By failing to prepare, you are preparing to fail.” We’ve taken that adage to heart by working closely with our suppliers to identify shortages in the supply chain and redesigned our solutions to take advantage of more readily available parts without sacrificing the quality or durability of our products. These preparatory efforts were well worth it, given the severity of the chip shortage that persists. Having successfully met global challenges in the supply chain allows us to respond to our customer needs more readily with the solutions they need.

The Rewards of Being Prepared

By being prepared, we acted on our customers’ behalf. The reward for all our work is a strong inventory of products, while many of our competitors struggle to fill theirs. If your current security vendor is giving you excuses and can’t offer you the solution you need in a timely manner, it is time to talk to SonicWall. We are ready to deliver the products you need and work with you to implement them now.

Contact Us for more information.