Cybersecurity News & Trends – 03-11-22
Reports on new attacks have dropped off a bit, but the 2022 SonicWall Cyber Threat Report continues to appear in many general and vertical business journals. Meanwhile, in industry news, the SEC is pushing out updated rules to improve cybersecurity transparency among public entities in the general news. Ubisoft and Samsung says they were hacked. In Ubisoft’s case, player information is safe, but Samsung saw thousands of employee credentials released to the dark web and hackers now have the algorithms they need to unlock Samsung biometric security measures. Plus, a vulnerability was found in APC uninterruptible power supplies used by networks and data centers worldwide. Two new surveys reveal weaknesses in cybersecurity that stem from human behavior: security teams react too slowly, and most companies say that they’d rather wrestle with their security bugs quietly than have ethical hacking reveal all.
SonicWall News
SonicWall Cyber Threat Report highlights that ransomware attacks doubled in 2021
Continuity Central: SonicWall has released its 2022 Cyber Threat Report. This report details a sustained surge in ransomware with 623.3 million attacks globally. Additionally, nearly all monitored threats, cyber-attacks and malicious digital assaults rose in 2021, including ransomware, encrypted threats, IoT malware, and cryptojacking.
SonicWall Threat Intelligence Confirms 981% Increase of Ransomware Attacks in India
EleTimes (India): SonicWall, the publisher of the world’s most quoted ransomware threat intelligence, today released the 2022 SonicWall Cyber Threat Report. The bi-annual report details a sustained meteoric rise in ransomware with 623.3 million attacks globally. Nearly all monitored threats, cyberattacks and malicious digital assaults rose in 2021, including ransomware, encrypted threats, IoT malware and cryptojacking.
Ransomware, threats, IoT malware, cryptojacking on the rise
IT Brief (Australia): There has been a sustained meteoric rise in ransomware in 2021, with 623.3 million attacks globally, according to new research from SonicWall. The bi-annual 2022 SonicWall Cyber Threat Report showed nearly all monitored threats, cyberattacks and malicious digital assaults rose in 2021, including ransomware, encrypted threats, IoT malware and cryptojacking.
Navigate the unknowns of tomorrow in this must-read report for CISOs, CTOs, and CIOs
IT Wire: What a year. On top of the global pandemic, 2021 brought us 623.3 million ransomware attacks, 60.1 million IoT attacks, 97.1 million cryptojacking attacks, and much more. So much happened that SonicWall viewed 2021 as a turning point in the war on ransomware with increasing recognition from businesses and governments. SonicWall found the number of CEOs who said cybersecurity risks were the biggest threat to short-term growth nearly doubled. In addition, Australia, the United States, Japan, Germany, and other countries passed measures strengthening national cybersecurity.
Officials tighten cybersecurity measures amid potential threats from Russia
News12 Bronx: Ransomware attacks were up 92% last year, according to the 2022 Cyber Threat Report from Sonic Wall, a leading cybersecurity firm. The Colonial Pipeline, Hackensack Meridian Health and the world’s largest meat processing company, KBS, are just some of the corporations that had their files stolen or encrypted and held for ransom, often by cyber-gangs based in Russia.
Report: Ransomware attacks on networks soared in 2021
CSCMP Supply Chain Quarterly: Business leaders are worried about the growing volume of malicious attacks on IT networks, and are especially concerned about supply chain vulnerability in 2022, according to a report from cybersecurity firm SonicWall, released this month. The company’s 2022 Cyber Threat Report tracked a 232% increase in ransomware globally since 2019 and a 105% increase from 2020 to 2021. Ransomware is malware that uses encryption to hold a person or organization’s data captive, so they cannot access files, databases, or applications. According to the report, such attacks were up 98% in the United States last year and 227% in the United Kingdom.
Industry News
The SEC Makes Its Move to Improve Cybersecurity Transparency
In January, SEC Chair Gary Gensler discussed cybersecurity in securities laws with his remarks before the Northwestern Pritzker School of Law’s Annual Securities Regulation Institute. See this Cooly PubCo posting. Gensler said that cyberattacks could have a substantial economic impact on the economy which includes malware, ransomware, denial-of-service, business email compromises and other attacks. Gensler also stated that cyberattacks are a national security problem and reminds us that “cybersecurity is a team sport” with the private sector often at the front lines. The New York Times reported that this has been particularly true in the recent weeks, when “the war in Ukraine stress-tests the system.” According to Renee Jones, Corp Fin Director, today’s events are more severe than ever, escalating cybersecurity risks affecting almost all reporting companies. The SEC’s concerns about cybersecurity disclosure are not new. This week, they released proposed rule changes. If enacted as law, the rules would require up-to-date disclosures about material cybersecurity incidents and tighter reporting on policies, management activity, and company in-house expertise in cybersecurity. Harvard Law School released an assessment about the proposed rule changes, which is recommended reading for managers of public entities.
Ubisoft says it experienced a ‘cyber security incident’
The Verge: Ubisoft, a major game company based in France, says that it experienced a “cyber security incident” last week that temporarily disrupted some games, systems, and services, the company reported Thursday. Ubisoft said it believes that “at this time there is no evidence any player personal information was accessed or exposed as a by-product of this incident” and says that games and services are now “functioning normally.” Out of caution, the company also “initiated a company-wide password reset.”
Vulnerabilities found in APC power supplies is a warning to ServiceNow administrators
IT World (Canada): Security professionals don’t believe hackers could use an uninterruptible power supply box to bridge a threat to a connected network. The fact is anything connected to the internet can pose a threat. According to this report, three critical firmware flaws were discovered in APC Smart-UPS devices. Security researchers at Armis say cyber attackers could exploit the flaws and damage sensitive devices, such as critical industrial or medical equipment. The bugs, the report says, could be used to hack into corporate IT networks to install malware. Schneider Electric, the manufacturer of APC lines, has developed a patch that administrators must install quickly. According to this report, the ServiceNow platform for IT support is not correctly locking down their systems. A security researcher at AppOmni reported that nearly 70% of ServiceNow instances tested were not correctly configured.
Samsung confirms data breach after hackers leak internal source code
Tech Crunch: Samsung has confirmed that there was a security breach. Hackers obtained nearly 200 gigabytes (including source code) of sensitive data. These include algorithms and technologies for biometric unlocking operations. Lapsus$ hackers – who also infiltrated Nvidia and then published thousands of employee credentials online – claimed responsibility for the breach. The hackers also claimed to have obtained source code from Samsung’s TrustZone environment where Samsung phones perform sensitive operations and maintain algorithms for unlocking biometric security measures.
Security Teams Prep Too Slowly for Cyberattacks
Dark Reading: Attackers often exploit new vulnerabilities in days or weeks. However, defenders take a long time to discover and act on critical issues. According to a new report, it takes defenders 96 days to identify and block cyber threats. Cyber Workforce Benchmark 2022 found that cybersecurity professionals are more inclined to concentrate on security issues that have received media attention, like Log4j, rather than less important ones. Additionally, the report showed that different industries achieve their security capabilities at very different rates. For example, security professionals working in the entertainment, leisure, and retail sectors are usually twice as fast responding to cyber threats as their counterparts in critical sectors such as transport and vital infrastructure. CISA states that security professionals should apply patches within 15 days. However, if the vulnerability is being exploited, it’s better to do so sooner.
Most Orgs Prefer Security Bugs Over Ethical Hackers
Threat Post: New research suggests that organizations are increasingly concerned about security, but they still rely on “security by obscurity.” According to HackerOne’s recent survey data, 65% of surveyed companies said they want to be considered infallible to their customer base. However, 64% said they have a culture that values security by obscurity. In other words, they’d rather wrestle with their security bugs in secret rather than have ethical hackers reveal all their security problems to the public.
In Case You Missed It
- Understanding the MITRE ATT&CK Framework and Evaluations – Part 1 – Suroop Chandran
- BEC Attacks: Inside a $26 Billion Scam – Amber Wolff
- Ransomware is Everywhere – Amber Wolff
- Shields Up: Preparing for Cyberattacks During Ukraine Crisis – Aria Eslambolchizadeh
- Capture Client 3.7: Rapid Threat Hunting with Deep Visibility and Storylines – Suroop Chandran
- 2021 Threat Intelligence Shows Attacks Rising Across the Board – Amber Wolff
- Break Free with SonicWall Boundless 2022 – Terri O’Leary
- SonicWall’s Bob VanKirk, HoJin Kim & David Bankemper Earn 2022 CRN Channel Chief Recognition – Bret Fitzgerald
- Don’t Let Global Supply Chain Issues Impact Your Security – Kayvon Sadeghi
- Unpacking the U.S. Cybersecurity Executive Order – Kayvon Sadeghi
- Everything Old Is New Again: Remote Access Comes Full Circle – James Whewell
- How SonicWall ZTNA protects against Log4j (Log4Shell) – Rishabh Parmar
- 10 Tips for a Safe and Happy Holiday – Amber Wolff
- The Rise and Growth of Malware-as-a-Service – Ray Wyman
- A Record-Breaking Year for SonicWall’s Boundless Future – Ray Wyman
- Cybersecurity is Infrastructure – Ray Wyman