Cybersecurity News & Trends


This week, SonicWall is on a winning streak with another strong showing in general news and industry press. There were continued mentions of the 2022 SonicWall Cyber Threat Report, new product reviews, and partner news. In industry news, the Tenet healthcare network suffered a cyberattack that disrupted operations at two hospitals in Palm Beach, FL. While cyberattacks rage in Ukraine, US Intel warns of fresh attacks on US targets by state-sponsored cyber gangs from China, Russia, and North Korea. Krebs is following a developing situation where hackers are using fake Emergency Data Requests (EDRs) to gain fraudulent law enforcement actions that can compromise companies and agencies. Meanwhile, JPMorgan is getting sued for a hack, the US State Department antes $10M for information about Russian hackers, the malware loader Bumblebee is loose, and experts examine predictive analytics for cybersecurity.

SonicWall News

Cyberwar Zone: Biden, Experts Warn Business Attacks are Coming

Virginia Business, News: But many cybercrimes go unreported, and private sector numbers paint a far worse picture. Cybersecurity firm SonicWall reports that its researchers recorded 623.3 million ransomware attacks worldwide in 2021 — a 105% increase from 2020.

What Should You Do If Your Brand is the Target of a Data Breach?

TFL, Threat Report Mention: The same is true in the U.S., with ransomware attacks, alone, rising by almost 100 percent in 2021 according to SonicWall’s 2022 Cyber Threat Report.

SonicWall Virtual Firewall Tested and Certified in AWS Public Cloud – Ideal for Distributed Networks

Markets Insider, News: SonicWall today announced a new report by The Tolly Group, which detailed the testing and analysis of the performance of the SonicWall NSv 470 virtual firewall. Using Keysight’s CyPerf cloud-native testing solution to provide the test infrastructure for standardized, repeatable performance tests, Tolly benchmarked the throughput and connection performance of the virtual firewall in Amazon Web Services (AWS).

For Over 30 Years, Jeff Dann Has Had the People, Process, And Technology To Ensure Their Customers Are Protected

MSP Success, Threat Report Mention: SonicWall reports there were 304.7 million ransomware attacks, 51.1 million crypto-jacking attacks, and 32.2 million IoT malware attacks in 2021. The report states that attackers targeted web applications with financial and personal information for a big payday.

The Industry Takes Stock of Cyberattacks In Hawaii

Pacific Inno, News: Each year, the SonicWall Cyber Threat Report uncovers insights extracted from global cyberthreat data collected and analyzed by expert researchers. SonicWall calls its report “the world’s most quoted ransomware threat intelligence,” and it is an annual snapshot of the threat landscape, helping business and government leaders make informed decisions about cybersecurity.

Learn how NLP Can Help to Understand the Cyber-Exposure And The Silent Cyber

Intelligent Insurer, Threat Report Mention: Corporate IT teams handled 623 million ransomware attacks in 2021, up 105% year on year, according to security vendor SonicWall. The firm reports an 1,885 percent increase in attacks on government targets, healthcare (755 percent), education (152 percent) and retail (21 percent).

Cyber Threats to Media Companies Are on The Rise

E&P, Threat Report Mention: Reporter Amiah Taylor explained ransomware research by SonicWall, an internet cybersecurity company, and its 2022 Cyber Threat Report, which offers some alarming statistics about ransomware attacks. In particular, governments worldwide saw a 1,885% increase in ransomware attacks, and the health care industry faced a 755% increase in those attacks in 2021.

How To Choose the Best VPN For Security and Privacy

CSO Magazine, Product Mention: For example, SonicWall’s Mobile Connect supports Ping, Okta and OneLogin identity providers.

Privacy Coin Monero’s Use in Ransomware Fuels Growing Security Concerns, Threat Report Mention: That comes as ransomware is exploding, with attacks up 105% last year, according to the 2022 Cyber Threat Report released in February by cybersecurity company SonicWall.

Industry News

Tenet Says, ‘Cybersecurity Incident’ Disrupted Hospital Operations

Healthcare Dive: Tenet is one of the largest US for-profit health systems. It reported that it suffered a cybersecurity incident last week, which disrupted some acute care operations. According to the statement issued Tuesday by the Texas-based operator, most critical functions have been restored, and affected facilities are beginning normal operations. Tenet did not disclose the nature or extent of the incident or the affected facilities. It also didn’t say whether hackers accessed any patient data.

SC Media and CBSNews affiliate WEPC offered additional details on the incident, reporting that the attack forced caregivers to chart patient care using paper because the network’s phone and computer systems were down. As a result, the company’s “acute care operations” at Good Samaritan Hospital in West Palm Beach and St. Mary’s Medical Center were temporarily interrupted.

Cyberattacks Rage in Ukraine, Support Military Operations

Threat Post: At most, five advanced persistent threats (APTs) are believed to be behind attacks tied to ground campaigns that aim to harm Ukraine’s digital infrastructure. Five state-sponsored APT groups are behind the attacks on Ukraine that started in February. The groups used the cyberattacks against Ukraine strategically to support the ground campaign. Microsoft published research on Wednesday revealing that the APTs in the campaign are state-sponsored by Russia.

Separate reports this week shed light on cyberattacks against Ukrainian digital assets carried out by APTs linked to Russia. Microsoft researchers have found that six distinct Russia-aligned threat agents carried out 237 cyber operations, resulting in threats to civilian welfare. They also attempted to launch dozens of cyber espionage attempts against Ukrainian targets.

US Intel, Google Warn of Cyberattacks from China, Russia, North Korea

Newsweek: In the past month, intelligence agencies, President Joe Biden and large companies such as Google all issued the same warning, sounding alarms about the growing threat of cyberattacks coming from foreign governments. Christopher Wray, Director of the Federal Bureau of Investigation, stated that the People’s Republic of China and the Chinese Communist Party are the biggest threats to the country’s counterintelligence. He said they target our innovation, trade secrets, and intellectual property at a scale never before seen in history. According to Google’s Threat Analysis Group (TAG), Iran, North Korea and Russia are the top sources of cyberattacks on the US.

Fighting Fake EDRs with ‘Credit Ratings’ for Police

Krebs On Security: The Krebs security team recently examined how cybercriminals used hacked email accounts of police departments worldwide to obtain warrantless Emergency Data Requests from technology providers and social media companies. Many security experts called it an insurmountable problem. Matt Donahue is a former FBI agent who recently left the agency to found a startup that helps tech companies screen out fraudulent law enforcement data requests. This includes assigning credit ratings or trustworthiness to law enforcement agencies worldwide.

Manufacturer Sues JPMorgan After Cybercriminals Stole $272m

Computer Weekly: Essilor Manufacturing sued JP Morgan, alleging that the bank failed to report suspicious activity, leading cybercriminals to steal $272 million. According to reports, Ray-Ban sunglasses’ French manufacturer claimed that the bank failed to notify them of suspicious activity in New York. As a result, the manufacturer claimed an increase in money transactions and money sent to offshore companies in high-risk countries in papers filed in Manhattan federal court.

State Dept Offering $10 Million For Information on Russian Cybercriminals

The Hill: The State Department has announced it is offering a reward of up to $10 million for information on a group of Russian cybercriminals. The department released a press release on Tuesday stating that its Rewards for Justice program (RFJ) is looking for information about six people who are allegedly involved in a criminal conspiracy involving malicious hacking activities that affect the critical infrastructure of the United States. According to the State Department, these individuals were part of a criminal conspiracy that infected computers with destructive malware in June 2017. The malware was called NotPetya.

Cybercriminals Using New Malware Loader ‘Bumblebee’ in the Wild

Hacker News: The cybercriminals who were previously seen delivering IcedID and BazaLoader as part of their malware campaigns may have switched to a new loader called Bumblebee, which is currently actively being deployed. Researchers report that Bumblebee may be the new multifunctional tool of choice for spreading malware based on cybercriminals’ timing and early proliferation of the loader. The new loader was distributed in March 2022. There are overlaps between malicious activity and Conti ransomware deployments.

Predictive Analytics could be the Future of Cybersecurity

Analytics Insight: While it might not be possible to prevent every data breach, it is possible to minimize the risk. Even the most skilled cyber professionals admit that it is impossible to control all data breaches. It is impossible to stop determined hackers from getting into systems. This is not because they are too sophisticated; even the most experienced security professionals fall prey to human error. Nevertheless, it is possible to minimize the risk, which is good news. Organizational leaders must accept this fact as soon as possible. It is best to assume that data breaches will happen and set up cyber defenses to reduce the damage. A crisis checklist can help prepare for the worst.

In Case You Missed It

Five Times Flawless: SonicWall Earns Its Fifth Perfect Score from ICSA Labs – Amber Wolff

NSv Virtual Firewall: Tested and Certified in AWS Public Cloud – Ajay Uggirala

How SonicWall’s Supply-Chain Strategies Are Slicing Wait Times – Amber Wolff

SonicWall SMA 1000 Series Earns Best-Of Enterprise VPNs Award from Expert Insights – Bret Fitzgerald

World Backup Day: Because Real Life Can Have Save Points Too – Amber Wolff

CRN Honors SonicWall With 5-Star Rating in 2022 Partner Program Guide – Bret Fitzgerald

Cyberattacks on Government Skyrocketed in 2021 – Amber Wolff

Meeting the Cybersecurity Needs of the Hybrid Workforce – Ray Wyman

Third-Party ICSA Testing – Perfect Score Number 4 – Kayvon Sadeghi

Ransomware is Everywhere – Amber Wolff

Shields Up: Preparing for Cyberattacks During Ukraine Crisis – Aria Eslambolchizadeh

Capture Client 3.7: Rapid Threat Hunting with Deep Visibility and Storylines – Suroop Chandran

2021 Threat Intelligence Shows Attacks Rising Across the Board – Amber Wolff

Break Free with SonicWall Boundless 2022 – Terri O’Leary

SonicWall’s Bob VanKirk, HoJin Kim & David Bankemper Earn 2022 CRN Channel Chief Recognition – Bret Fitzgerald

Don’t Let Global Supply Chain Issues Impact Your Security – Kayvon Sadeghi

Unpacking the U.S. Cybersecurity Executive Order – Kayvon Sadeghi

Everything Old Is New Again: Remote Access Comes Full Circle – James Whewell

Five Times Flawless: SonicWall Earns Its Fifth Perfect Score from ICSA Labs

SonicWall Capture ATP has earned its fifth consecutive perfect score in third-party ICSA Labs testing — validating SonicWall’s position as an industry leader in threat prevention.

It’s exactly one week after National High Five Day, and exactly one week before Cinco de Mayo. But this year, SonicWall has its own reason to celebrate the number five: SonicWall Capture Advanced Threat Protection (ATP) with patented Real-Time Deep Memory Inspection (RTDMI)™ just earned its fifth consecutive perfect score in independent ICSA testing.

Starting in Q1 2021, SonicWall Capture ATP has found 100% of malicious threats in quarterly test rounds without issuing a single false positive. This means that for 160 days of continuous testing, consisting of 6,719 total test runs, SonicWall Capture ATP found all 3,131 malicious samples — the majority of which were four hours old or less. And it did so without misidentifying a single one of the 3,588 innocuous apps scattered throughout.

“SonicWall has now received an amazing five consecutive perfect scores when tested against some of the most unknown and rigorous threats — an unprecedented achievement among tested vendors,” said SonicWall President and CEO Bill Conner. “These third-party, real-world tests validate SonicWall as a clear leader in the cybersecurity space and play a significant role in our efforts to deliver quality-driven security products.”

As the latest in a streak of perfect scores, SonicWall’s Q1 2022 test results reflect not only excellence, but also consistency. From Jan. 19 through Feb. 19, 2022, a SonicWall NSa 3600 next-generation firewall equipped with Capture ATP and patented RTDMI™ technology was once again put through its paces. And once again, it correctly identified all 553 of the malicious samples (100% detection rate) without alerting on any of the 578 innocuous apps (0% false positive rate).

ICSA Advanced Threat Defense: Real-World Results

Standard ICSA Labs Advanced Threat Defense (ATD) testing evaluates vendor solutions designed to detect new threats that traditional security products miss.

Eligible security vendors are tested quarterly for a minimum of three weeks. During that time, ICSA Labs subjects the vendors’ advanced threat solutions to hundreds of test runs consisting of a mixture of innocuous applications, new threats and little-known threats. These threats are delivered via the primary vectors that lead to enterprise breaches, according to Verizon’s Data Breach Investigations Report. The test cycles evaluate how good vendor ATD solutions are at detecting unknown and little-known threats — and whether they can do so while minimizing false positives.

100% Efficacy. One Solution.

The continued success of SonicWall Capture ATP with RTDMI is due to two main factors: the solution’s ability to identify even the most sophisticated and obfuscated threats, and its ability to use what it learns doing so to improve itself over time.

SonicWall Capture ATP is a multi-layer sandbox service designed to mitigate new forms of malware capable of circumventing traditional network defenses.

Included as part of Capture ATP, RTDMI™ leverages proprietary memory inspection, CPU instruction tracking and machine-learning capabilities to become increasingly efficient at recognizing and mitigating never-before-seen cyberattacks — including threats that traditional sandboxes will most likely miss.

And since RTDMI can detect malicious code or data in memory and in real time during execution, no malicious system behavior is necessary for detection. In other words, the presence of malicious code can be identified prior to any malicious behavior taking place, allowing for a quicker verdict.

Best of all, because it incorporates AI and machine learning technologies, RTDMI™ is continuously becoming more efficient and effective.

In 2021, the technology identified a total of 442,151 never-before-seen malware variants, a 65% increase over 2020’s count. And while 2022 numbers have not yet been tallied, in 14 of the last 16 quarters through the end of 2021, the number of new malware variants identified has exceeded that found in the previous quarter.

“In today’s fast-moving and unpredictable threat landscape, it is really hard to earn consistent third-party validation,” said SonicWall Vice President of Software Engineering & Threat Research Alex Dubrovsky. “Our five consecutive perfect scores are a confirmation of our vision and a significant milestone to the SonicWall team’s dedication to providing organizations with the very best threat intelligence technology.”

Cybersecurity News & Trends


This week, SonicWall generated an excellent balance of press ink for the 2022 SonicWall Cyber Threat Report, product mentions, Bill Conner, and two articles that feature the company and its products. Very well done! In industry news, we see that Microsoft is taking the hacks of its MSO line of products very seriously and showing some success. Hackers claim to have hacked several Russian institutions with a “barrage” of cyberattacks. Meanwhile, hackers “DeFi” cryptocurrency security measures with new attacks. And among the top state-sponsored cyber hackers, North Korea earns recognition as the truly weirdest.

SonicWall News

How To Choose the Best VPN For Security and Privacy

CSO Magazine, Product Mention: For example, SonicWall’s Mobile Connect supports Ping, Okta and OneLogin identity providers.

Privacy Coin Monero’s Use in Ransomware Fuels Growing Security Concerns, Threat Report Mention: That comes as ransomware is exploding, with attacks up 105% last year, according to the 2022 Cyber Threat Report released in February by cybersecurity company SonicWall.

Ransomware Is on the Way and Backups Are Your Best Defense

The New Stack, SonicWall Threat Report Mentioned: You may ask, “Is ransomware really that bad?” It is. Last year, network security vendor SonicWall called 2021 The Year Of Ransomware thanks to an average of 1,748 ransomware attempts per customer by the end of September. Altogether SonicWall reported spotting a crazy 495 million ransomware attempts by the end of September.

Work to Secure Hawaii’s Digital Future

Honolulu Daily Advertiser, SonicWall Threat Report Mentioned: SonicWall’s 2022 Cyber Threat Report revealed that Hawaii is one of the top 10 riskiest states for malware.

The Funky Pigeon Pauses All Orders After ‘Security Incident’

The Register, SonicWall’s Bill Conner Quoted: Another example of how relentless cybercriminals are in their search for profit. Holding victim organizations’ business hostage uniquely impacts retailers and other organizations that provide daily, direct services to their customers. Such attacks directly affect the victim’s revenue generation and thus provide additional leverage to the attackers.

Ransomware Prevention for State & Local Governments

Tech Register, 2022 Threat Report Mention: According to the 2022 Cyber Threat Report from SonicWall, two industries saw large spikes in malware in 2021: healthcare (121 percent) and government (94 percent). In North America, ransomware rose 104 percent in 2021, according to the report, just under the 105 percent average increase worldwide.

Today’s Firewall is More Important in a Multi-Perimeter World; New Cornerstone for Enterprise Security

SME Channels, SonicWall feature: With increasing numbers of devices and remote workers, enterprises are facing even more daunting challenges in protecting the business. Many enterprises, educational institutions, and government agencies have deployed several stand-alone appliances and disjointed defenses, which include traditional firewalls.

Manage and Secure Access to SonicWall NSv with JumpCloud

Security Boulevard, Blog Featuring SonicWall NSv: SonicWall firewalls are widely used by managed service providers (MSPs) to provide affordable and effective perimeter security. The NSv is a next-generation firewall that runs in the cloud, or as a virtualized device in your data center, thereby reducing the costs of buying an appliance. JumpCloud reduces the management overhead for your IT department.

Ransomware Response: 5 Steps to Protect Your Business

Security Boulevard, SonicWall Cyber Threat Report Mention: Last year was the most costly and dangerous year on record for businesses dealing with ransomware attacks. That’s according to network security experts, SonicWall, who by Q3 2021 were reporting an almost 150% year-on-year increase in ransomware attacks worldwide.

Industry News

Microsoft Is on the Hunt for Cyber Criminals

Tech-Co: In a story also reported by Microsoft and Hacker News, big moves against hackers have at least disrupted their activities for now. Microsoft’s Digital Crimes Unit obtained a court order from the United States District Court for the Northern District of Georgia allowing it to take control of 65 domains the ZLoader gang used to control, grow and communicate with their botnet. These domains have been directed to a Microsoft sinkhole, where they are no longer available to the criminal botnet operators. In addition, ZLoader embeds a domain generation algorithm (DGA) in the malware. This allows ZLoader to create additional domains that can be used as a backup or fallback communication channel. The court order also allows Microsoft to control 319 other DGA domains.

During the group’s investigation, they discovered that Denis Malikov, from Simferopol, Crimea, was one of the criminals responsible for creating a component in the ZLoader botnet used to distribute ransomware. The group notes that the legal action was the culmination of months of investigations that began before the conflict in the region.

Microsoft claimed that the operation was carried out in partnership with ESET, Lumen’s Black Lotus Labs, Palo Alto Networks Unit 42 and Avast.

WIRED Magazine cautions that while actions like these are heartening, this is no time to be complacent. According to SonicWall’s 2022 Cyber Threat Report, attacks in the United States and all over the globe reached a fever pitch by 2021. Private companies and governments have made the most comprehensive promises to stop such attacks and eliminate the cybercriminal community. These efforts have been highlighted by a flurry of activity over the past weeks. Nevertheless, cybercrime remains at an all-time high, and researchers warn that there is no one solution.

Hackers Claim to Target Russian Institutions in Barrage of Cyberattacks and Leaks

New York Times: Hackers claim that they have hacked into Russian institutions dozens of times in the last two months. This includes the Kremlin’s internet censor and one of its primary intelligence services. In an extraordinary hack-and-leak campaign, they also leaked internal documents and emails to the public.

The leaked information includes names of Russian soldiers that operated in Bucha, where there was a massacre of civilians and agents of FSB (a principal Russian intelligence agency), along with other identifying information such as dates of birth and passport numbers.

Many of the data are difficult to verify by nature. The FSB is an intelligence agency and would not confirm the identity of its officers. Even the organizations that distributed the data warned that files taken from Russian institutions might contain malware, manipulated or faked information, and other tripwires.

Researchers say that some data could also be recycled from prior leaks and presented new to boost hackers’ credibility artificially. The data could also be propaganda, which is not unusual for Russia and Ukraine’s ongoing cyberconflict.

Hackers ‘DeFi’ Threat Risk Expectations with New Attack Vectors In Crypto

SC Media: In recent years, decentralized finance (DeFi) platforms have seen much popularity. They have attracted much attention from the bad guys, too.

According to research by Chainalysis, cryptocurrency transfers from illegal digital wallets have risen nearly 2,000% to the DeFi platform between 2020 and 2021. Although malfeasance is decreasing, cryptocurrency and DeFi networks are booming. Chainalysis found that 2021 was the third year in a row where cryptocurrency exchanges didn’t process more than half their transactions for bad actors. Chainalysis also discovered $8.6 billion worth of cryptocurrency transferred from illegal wallets to services between 2021 and 2021.

This is a growing problem for crypto finance as a whole. Nearly $3.2 Billion has been stolen by DeFi systems. $1.3 Billion was taken during the first quarter. Two years ago, DeFi was responsible for less than 30% of all digital data stolen. According to Chainalysis research, hackers took 97% of the cryptocurrency stolen this year from DeFi platforms.

Among Top Hacking Nations, North Korea’s The Weirdest

Washington Post: North Korea is a standout among the global pantheon of government-backed hackers. Not only does it have a lot of activity, but its weirdness also makes it stand out in the hacker world. Its hackers are more likely than others to steal cryptocurrency. Most of the money is used to finance the nation’s nuclear program and other government operations.

The Lazarus Group, Pyongyang’s most prominent hacking gang, has recently been in the news for its brazen theft of more than $600 million in cryptocurrency via the Axie Infinity video game. This is just the latest in a series of significant cryptocurrency thefts.

But things get more bizarre, especially when contrasted with other state hacks that usually target US and Euro government offices. For example, North Korea’s 2014 hack of a movie theater — Sony Pictures Entertainment — was to settle a dispute over a negative portrayal of its dictator Kim Jong Un.

Reuters reported further that the UN monitors of North Korean sanctions enforcement reported that cybercrime was vital for Pyongyang’s ability to finance banned weapons programs. The UN body stated that cyber activity was essential for North Korea to evade UN sanctions and raise money for its missile and nuclear programs. However, the biannual reports of the experts’ panel did not reflect this because member states were reluctant to report breaches.


In Case You Missed It

NSv Virtual Firewall: Tested and Certified in AWS Public Cloud – Ajay Uggirala

How SonicWall’s Supply-Chain Strategies Are Slicing Wait Times – Amber Wolff

SonicWall SMA 1000 Series Earns Best-Of Enterprise VPNs Award from Expert Insights – Bret Fitzgerald

World Backup Day: Because Real Life Can Have Save Points Too – Amber Wolff

CRN Honors SonicWall With 5-Star Rating in 2022 Partner Program Guide – Bret Fitzgerald

Cyberattacks on Government Skyrocketed in 2021 – Amber Wolff

Meeting the Cybersecurity Needs of the Hybrid Workforce – Ray Wyman

Third-Party ICSA Testing – Perfect Score Number 4 – Kayvon Sadeghi

Ransomware is Everywhere – Amber Wolff

Shields Up: Preparing for Cyberattacks During Ukraine Crisis – Aria Eslambolchizadeh

Capture Client 3.7: Rapid Threat Hunting with Deep Visibility and Storylines – Suroop Chandran

2021 Threat Intelligence Shows Attacks Rising Across the Board – Amber Wolff

Break Free with SonicWall Boundless 2022 – Terri O’Leary

SonicWall’s Bob VanKirk, HoJin Kim & David Bankemper Earn 2022 CRN Channel Chief Recognition – Bret Fitzgerald

Don’t Let Global Supply Chain Issues Impact Your Security – Kayvon Sadeghi

Unpacking the U.S. Cybersecurity Executive Order – Kayvon Sadeghi

Everything Old Is New Again: Remote Access Comes Full Circle – James Whewell

How SonicWall ZTNA protects against Log4j (Log4Shell) – Rishabh Parmar

NSv Virtual Firewall: Tested and Certified in AWS Public Cloud

Looking for the best way to extend your firewall protection to the cloud? Independent testing recently found that SonicWall NSv series is more than up to the challenge.

More than 90% of enterprises use the cloud in some way, with 69% of those considered hybrid cloud users (utilizing both private and public clouds). Along with widespread remote work adoption, this shift is driving the need for scaled-out, distributed infrastructure.

Within this new cloud landscape, security has become more complex as the number of perimeters and integrations grow, and cybercriminals increasingly focus on security gaps and vulnerabilities in cloud implementations. It’s often easier for threat actors to exploit these vulnerabilities than it is to breach hardened components of the cloud deployment.

A next-generation firewall deployed in the cloud can protect critical data stored in the cloud. But it’s important to make sure this firewall provides the same level of security and performance as an on-premises firewall.

Recently, Tolly Group used Keysight Technologies’ brand-new native cloud testing solution — CyPerf — to measure the performance of SonicWall NSv 470 virtual firewall in Amazon Web Services (AWS). AWS is the major public cloud vendor, with a projected 49% market share in enterprise cloud adoption for 2022. AWS recommends a shared responsibility model, meaning AWS is responsible for the security of the cloud, and the customer is responsible for security in the cloud.

What is SonicWall NSv virtual firewall?

SonicWall’s NSv Series virtual firewalls provide all the security advantages of a physical firewall, plus all the operational and economic benefits of the cloud — including system scalability and agility, speed of system provisioning, simple management and cost reduction. NSv delivers full-featured security tools including VPN, IPS, application control and URL filtering. These capabilities shield all critical components of the private/public cloud environments from resource misuse attacks, cross-virtual-machine attacks, side-channel attacks, and common network-based exploits and threats.

What is Keysight Technologies CyPerf?

Keysight CyPerf is the industry’s first cloud-native software solution that recreates every aspect of a realistic workload across a variety of physical and cloud environments. CyPerf deployed across a variety of heterogeneous cloud environments realistically models dynamic application traffic, user behavior and threat vectors at scale. It validates hybrid cloud networks, security devices and services for more confident rollouts.

Putting SonicWall NSv to the Test

Keysight Technologies and Tolly Group engineers tested a SonicWall NSv 470 virtual firewall running SonicOSX version 7. The AWS instance for the NSv 470 under test was AWS C5.2xlarge. The engineers deployed CyPerf agents on AWS C5.n2xlarge instances to be certain that the agents would have sufficient resources to stress the firewall under test. Each of two agent instances was provisioned with 8 vCPUs, 21GB memory and 25GbE network interfaces.


Test methodology and results

The engineers used three different traffic profiles to collect results — unencrypted HTTP traffic, encrypted (HTTPS/TLS) traffic, and Tolly’s productivity traffic mix, which includes five applications: JIRA, Office 365, Skype, AWS S3 and Salesforce. Engineers used CyPerf application mix tests to create the Tolly productivity mix and generate stateful, simulated application traffic.

The tests were run against three different security profiles:

1) Firewall: Basic firewall functions with no policy set

2) IPS: Firewall with the intrusion prevention system feature enabled

3) Threat Prevention: Firewall with IPS, antivirus, anti-spyware and application control features enabled

The results observed in the AWS public cloud environment are similar to the results observed in a virtual environment.

Test | Unencrypted HTTP Traffic | Encrypted HTTPS/TLS Traffic
Firewall Throughput | 7.70 Gbps | 3.10 Gbps
IPS Throughput | 7.60 Gbps | 3.05 Gbps
Threat Prevention | 7.40 Gbps | 3.04 Gbps

Table 1: Test measurements for NSv 470 in AWS Cloud

Note: The table above highlights just a few of the test results. For complete results and test parameters, please download the report.


Most enterprises are moving their datacenters away from traditional on-premises deployments and to the cloud. It is imperative that security teams provide the same level of security for cloud server instances as they have been doing for on-premises physical servers. A next-generation firewall with advanced security services like IPS and application control is the first step to securing cloud instances against cyber threats.

In addition to security features, it is also important to choose a firewall that provides the right level of performance needed for a given cloud workload. SonicWall NSv series offers a variety of models with performance levels suited to any size of cloud deployment, with all the necessary security features enabled.


Cybersecurity News & Trends

SonicWall continues to generate a steady flow of hits from various industry and trade publications and bloggers. In general cybersecurity news, some folks in the cybersecurity community are uncomfortable with a loophole found in the Cybersecurity Act of 2022. Another news item raises more concern about a rapidly developing threat to US energy companies. Meanwhile, the feds shut down a hackers’ marketplace; a UK government office apologized for an email breach; there is more malware grief for Microsoft Windows; and the hacker group NB65 claims it used Russian malware tools to hack the Russian space agency.

SonicWall News

Ransomware Response: 5 steps to Protect Your Business

Security Boulevard: Last year was the most costly and dangerous year on record for businesses dealing with ransomware attacks. That’s according to network security experts, SonicWall, who by Q3 2021 were reporting an almost 150% year-on-year increase in ransomware attacks worldwide.

Russia-Ukraine Conflict: The Time for Cyber Security Is Now

Seeking Alpha: “According to security provider SonicWall, ransomware attacks climbed an unprecedented 105% year-over-year in 2021 to a total of 623.3M attacks. Encrypted threats increased 167% year-over-year to 10.1 million, almost as many as 2018, 2019, and 2020 combined.”

Panasonic Canadian Operations Suffer Data Breach

Security Magazine: According to SonicWall’s 2022 Cyber Threat Report, governments worldwide saw a 1,885% increase in ransomware attacks, and the health care industry faced a 755% increase in those attacks in 2021.

Clumio Protect releases turnkey ransomware protection solution for Amazon DynamoDB

VentureBeat: The announcement comes as ransomware attacks are on the rise, with SonicWall researchers recording 623.2 million ransomware attempts in 2021, an increase of 105% from the year before.

Cyber Threats And Ransomware Attacks Surge As The Government And Private Industry Try To Keep Up

Wisconsin Public Radio: According to the SonicWall Cyber Threat Report, ransomware attack volume increased 105% in the last year and is up 232% since 2019. We hear from a cybersecurity expert about what’s being done by the government and the private sector to push back against the flood of digital and online threats.

Enterprise Infrastructure VPN: Which solution is best?

IDG Connect: In a review of SonicWall Netextender, the author says that SonicWall “enforces granular access policies and extends network access through native clients. It also enhances firewall encryption and security by redirecting all client traffic through VPN.”

Rise of RaaS

Professional Security Magazine: In fact, the number of ransomware attacks has been so frequent that SonicWall’s 2022 Cyber Threat Report revealed governments worldwide saw an 1,885 per cent increase in 2021.

Industry News

Cybersecurity Act of 2022: A Step in the Right Direction with a Significant Loophole

Dark Reading: Recently, the Strengthening American Cybersecurity Act 2022 passed without any partisan debate, such are the cyberthreats facing the United States and the rest of the world. Most cybersecurity communities were pleased to see Congress quickly act on this critical issue. However, some were alarmed by a loophole in the legislation that may hinder a basic tenet of the bill to share cyber security information across all platforms to increase cybersecurity. This loophole includes a complete exclusion of DNS services from reporting requirements and other obligations required of all other companies and entities. This article explains what appears to be an astonishing and deliberate omission in detail. MeriTalk posted a related story. The CISA will roll out a new protected Domain Name System technology (DNS) in 2022 under the Trusted Internet Connections program. Although the new DNS technology will strengthen protections, there are no provisions to share WHOIS or other DNS operations or make cyber security incidents easier to report and track.

US Warns Energy Firms of A Rapidly Advancing Hacking Threat

EnergyWire/E&E News: US intelligence services and the Department of Energy reported that “custom-made malware” was discovered targeting electricity and natural gas infrastructure systems. The FBI and CISA issued a joint alert urging energy companies to strengthen their cybersecurity defenses against a possible attack that could gain “full system access.” This news comes after the Ukrainian government announced Tuesday that it had stopped an attempt by “Sandworm,” an elite Russian hacking group, to disrupt industrial control systems (ICS) that run high-voltage substations. It is possible that the attack would have caused temporary power outages to 2 million people if it had been successful (MIT Technology Review). Ars Technica reports that the FBI and CISA have discovered a “Swiss Army Knife” that can hack industrial control systems. The hack tool, dubbed “Pipedream”, is a versatile malware toolkit designed explicitly for refineries and power grids. This report follows a CISA “shields-up” alert regarding cybersecurity awareness that Forbes reported in February.

Feds Shut Down RaidForums Hacking Marketplace

ThreatPost: US law enforcement shut down the largest cybercriminal online forum in the world and announced federal charges against 21-year-old Portuguese citizen Diogo Santos Coelho on six criminal counts, including conspiracy, access device fraud and aggravated identity theft. Security professionals pointed out that hackers will still be able to buy and sell data stolen in cyberattacks, so the takedown is unlikely to cause a lasting disruption. On Tuesday, the Department of Justice (DoJ) announced that it had seized three domains to shut down RaidForums, an English-language online marketplace used by cybercriminals to purchase and sell databases taken from companies through ransomware or other cyberattacks. According to a Tuesday press release, the domains that federal agents seized after they obtained judicial authorization were “,” “” and “”.

Home Office’s Visa Service Apologizes for Email Address Data Breach

The Guardian: The UK’s Home Office’s Visa Service has apologized for a data breach that saw the email addresses of over 170 people accidentally copied into an email sent last week. On 7 April 2022, a message was sent to more than 170 addresses about the need to change the location of a visa appointment with the UK Visa and Citizenship Application Service. Private contractor Sopra Steria manages the UKVCAS on behalf of the Home Office. Some email addresses looked like personal Gmail accounts, while others were associated with lawyers from various firms.

Investigation Into A Computer Breach Involves City Officials And Employees

Fox News (Cleveland): An investigation is ongoing into a computer security breach in the City of Cleveland. Multiple sources claimed it occurred on Saturday. A message was sent to officials and employees of the city, stating that it had been reported. The message said, “We have identified an account compromised on our network trying to harvest log-in passwords.”

Advisory: Hackers Are Using a Simple Trick To Hide Their Windows Malware

ZDNet: Microsoft exposed Tarrask as malware likely to have been created by a state-sponsored hacking organization in China. The program targets Windows computers and makes invisible software updates. The malware was attributed to Hafnium by the Windows maker, the same hacking group that the US and UK blamed for the Exchange Server hacks last year. Tarrask malware causes Windows to run unscheduled tasks and can be installed on Windows machines and remain there undetected after a reboot. The malware uses the Windows Task Scheduler, which admins can use to automate tasks like software updates for browsers or other apps. However, in this instance, the attackers are the ones using it.

Anonymous-Affiliated Hacking Group Used Russia’s Own Ransomware Against Russian Space Agency

Daily Mail (UK): Last month, Anonymous-affiliated Network Battalion 65 claimed it had stolen files from Russia’s space agency Roscosmos. It claimed it also had taken down Roscosmos satellites. Dmitry Rogozin, the head of the Agency, denied that it had lost control over its systems and called out the group’s claims as a scam. However, according to a wide swath of cybersecurity experts, Russia-watchers, and verified by several news outlets, the ransomware ‘Conti’ was indeed used by the NB65 group in a successful hack of Roscosmos. This draws us to the last bit of irony: Conti originates from a Russian cyber-crime organization of the same name.

Cybersecurity News & Trends

SonicWall keeps up the pressure in global trade news with more ink for the 2022 SonicWall Cyber Threat Report and general mentions from online magazines that cater to cybersecurity vendors. In cybersecurity news, several topics received strong coverage: analysis of the vulnerabilities found in data centers and an inside perspective on the US-China cyberwar. In other news, a breakdown of three major SaaS attacks, Block (formerly Square) reports a massive breach of customer data, Russian-state media hacked by Anonymous, and the FBI says they stopped a Russian Botnet attack.

SonicWall News

Cyber Threats Surge as Government And Private Industry Try To Keep Up

NPR-Wisconsin Public Radio: According to the SonicWall Cyber Threat Report, ransomware attack volume increased 105% in the last year and has been up 232% since 2019. We hear from cybersecurity experts on what’s being done by the government and the private sector to push back against the flood of digital and online threats.

How can Healthcare Prepare for a “WannaCry 2”?

Healthcare Innovations: Governments worldwide saw a 1,885% increase in ransomware attacks in 2021, and the healthcare industry faced a 755% increase in those attacks, according to the SonicWall 2022 Cyber Threat Report. Of the victims, the United States came out on top. Most of these attacks have been found to have originated in Russia.

Russia-Ukraine Conflict: The Time for Cybersecurity Is Now

Seeking Alpha: Cybersecurity has always been a concern for individuals, corporations, and governments. However, the current conflict exacerbates the broader trend of attacks as they continue to increase in size, volume, and sophistication. This poses significant financial, reputational, and legal risks for the agencies targeted. For example, according to security provider SonicWall, ransomware attacks climbed an unprecedented 105% year-over-year in 2021 to 623.3M attacks. In addition, encrypted threats increased 167% year-over-year to 10.1 million, almost as many as 2018, 2019, and 2020 combined.

Buncombe County IT Requests Extra Funding to Bolster Cybersecurity

ABC 13 News (North Carolina): Buncombe County’s IT department wants to enhance its cyberdefense. County commissioners will consider a request from Buncombe County IT for $225,197 to augment and strengthen the county’s cybersecurity program. Governments worldwide saw a 1,885% increase in ransomware attacks, according to the 2022 Cyber Threat Report released by SonicWall, an internet cybersecurity company.

Mafia Moves: How to Combat Ransomware Extortion

Security Magazine (Event Announcement): Ransomware is big business, and no company is immune. In fact, ransomware attacks doubled last year, jumping 105% compared to 2020 (SonicWall). A ransomware attack can devastate a company by encrypting all its data and offering only one viable path to recovery: money. In this session, we will walk you through the anatomy of a ransomware attack, where you will learn step by step what to expect.

Ransomware Response: 5 Steps to Protect Your Business

Techspective: Last year was the most costly and dangerous year for businesses dealing with ransomware attacks. According to network security experts, by Q3 2021, SonicWall was reporting an almost 150% increase in ransomware attacks worldwide.

SonicWall: Security That Can be Licensed

CRN (Poland): SonicWall celebrated its 30th anniversary last year. During this time, it developed solutions that make up an integrated security environment that has gained the recognition of industry experts and millions of satisfied customers worldwide.

SonicWall’s Next-Generation Wi-Fi Solution for Small And Medium-Sized Enterprises

BCN (Japan): With the promotion of workstyle reforms and the scourge of corona, even small and medium-sized enterprises are becoming more mobile within the company. However, the security measures of the introduced Wi-Fi products are vulnerable, and there are conspicuous dangerous cases where they are exposed to the risk of unauthorized access and malware from the outside. SonicWall Japan’s enterprise Wi-Fi solution has advanced security functions that provide real-time protection from known / unknown threats and management tasks that reduce person-hours at the time of introduction and significantly reduce the time and effort of the administrator.

Industry News

Physical Infrastructure Cybersecurity: A Growing Problem for Data Centers

Facility managers have more control over modern data center infrastructure management platforms (also known as ‘DCIM’) and other tools. As a result, managing data centers is now more efficient, scalable, faster and more effective than ever before. And, as it turns out, their physical infrastructure is now more vulnerable to cyberattacks than ever before. According to DataCenterKnowledge, research revealed that thousands of data center management systems were exposed to the Internet. Any attacker who has access to infrastructure management platforms may be able to manipulate cooling systems, which can cause servers to overheat and damage critical components. They could also upload malicious backup files or disrupt backup processes. In addition, The Hacker News reported that attackers can now remotely hack and disable uninterruptible power supply systems if they have dashboards accessible via the Internet. Dark Reading noted that the Cybersecurity and Infrastructure Security Agency (CISA) and Department of Energy (DoE) distributed a joint alert last week that threat actors are hacking Internet-connected uninterruptible power supply (UPS) devices typically via default username and password combinations.

Russian-Backed Hackers Spreading Disinformation on Facebook

The Hill: A new Facebook report found that government-affiliated hackers from Russia and Belarus attempted to use the social media platform for cyber espionage and disinformation campaigns targeting Ukrainians. The hackers attacked the Ukrainian telecom industry and defense and energy sectors. They also targeted tech platforms, journalists, and activists. Facebook claimed it had stopped a disinformation campaign associated with the Belarusian KGB. The campaign posted that Ukrainian troops were surrendering and that leaders fled the country after Russia invaded. The tech company claimed it had disabled the account and ended the campaign the same day. In a related report, CNN reported that Ukrainian soldiers found their Facebook accounts targeted by hackers, some posing as journalists and independent news outlets online to push Russian talking points, running coordinated campaigns to get posts by critics of Russia removed from social media. And The Verge reported that hackers also planted false reports of a Ukrainian surrender into on-screen messages during live broadcast news. Though such statements are quickly disproved, experts have suggested that their purpose is to erode Ukrainians’ trust in media.

Hacked: Inside the US-China Cyberwar

Al Jazeera: The United States has a long history of cyberespionage. However, cyberespionage has also been a long-standing problem for the government and private businesses in the United States. The Chinese government has been enhancing its technological, economic and military capabilities to be a global leader in cyberwarfare since the late 90s. Experts claim that China is now welcoming its citizen hacker groups as a resource to combat aggressive actions by US-based attackers. Once thought to be patriotic internet nerds, Chinese hackers are emerging in the mainstream as China and the US fight in cyberspace. There are also many allegations that Chinese hackers are state-sponsored. In a separate report, Bloomberg says suspected state-sponsored Chinese hackers recently targeted India’s power generation sector as part of an apparent ongoing cyber-espionage campaign.

Breaking Down 3 SaaS App Cyber Attacks in 2022

The Hacker News: Three major tech companies, Okta and HubSpot, reported data breaches last week. The first two were performed by DEV-0537 (also known as LAPSUS$). This highly skilled group uses state-of-the-art attack vectors with great success. The identity of the HubSpot attackers was not revealed. This article is on our recommended reading list. It provides a solid forensic examination of the evidence behind the three breaches, based on publicly available information with best practices that could help reduce the chance of attacks for other companies bracing for more attacks.

Block Confirms Cash App Breach After Former Employee Accessed US Customer Data

TechCrunch: Block has confirmed a data breach involving a former employee who downloaded reports from Cash App that contained some US customer information. In a filing with the Securities and Exchange Commission (SEC) on April 4, Block — formerly known as Square — said that the reports were accessed by the insider on December 10. Mashable reported separately that the company notified 8.2 million US customers of the data breach, noting that the compromised data included their customers’ full names and brokerage portfolio values.

Anonymous Affiliate NB65 Breached State-Run Russian Broadcaster

HackRead: NB65 (Network Battalion 65) is a hacker group linked with the Anonymous hacktivist collective. The group claims to have breached the servers of Russian state-run television and radio broadcaster called the “All-Russia State Television and Radio Broadcasting Company” (VGTRK). The data leak reportedly contains 4,000 files and more than 900,000 emails from VGTRK.

FBI Says It Disrupted Russian Hackers

Reuters: The FBI says that its cyber defense unit wrested control of thousands of routers and firewall appliances away from Russian military hackers by hijacking the same infrastructure Moscow’s spies were using to communicate with the devices, US officials said on Wednesday. An unsealed redacted affidavit described the unusual operation as a pre-emptive move to stop Russian hackers from mobilizing the compromised devices into a “botnet” – a network of hacked computers that can bombard other servers with rogue traffic. Fox News reports that the attack involved thousands of infected network hardware devices under the control of a threat actor known as Sandworm, which the US government previously attributed to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (the GRU). The Daily Mail (UK) added that the FBI stopped the attack by hijacking the same infrastructure Moscow’s spies used and stopping the botnet in its tracks.

How SonicWall’s Supply-Chain Strategies Are Slicing Wait Times

In an industry rife with backorders, SonicWall’s proactive approach to supply-chain management has allowed the company to fulfill 95% of orders within just three days.

Cybersecurity customers in 2022 occupy an increasingly uneasy middle ground. On one side are elected officials, news writers and security professionals all urgently warning that attack surfaces are widening, cybercrime is rising, and you really ought to have upgraded your security posture yesterday. And on the other side are equally urgent warnings from cybersecurity vendors that the components you need to do exactly that … won’t be in stock for several months.

With reports of wait times already stretching into 2023, how can you ensure your organization is prepared to face today’s cyberattacks?

“If you want a firewall next year, call them. If you want one next week, call us.”

The outlook for SonicWall customers, however, is quite different. Products are in stock when they’re needed, and time from order to receipt is a small fraction of what’s being estimated with other vendors.

Currently, SonicWall is fulfilling 95% of orders within 3 days.

Before the pandemic, this sort of lead time was admirable; today, it’s nearly unheard-of. Even more remarkable, SonicWall has achieved this track record during a period of record sales. The introduction of SonicWall’s Gen 7 product line, along with exceptional third-party testing results and industry accolades, has fueled a 33% increase in new customer growth and a 45% increase in new customer sales.

To understand why this is such an accomplishment, it helps to understand why today’s supply-chain environment has ensured such lead times are the exception rather than the rule.

The Ongoing Struggles of the Supply Chain

The COVID-19 pandemic is often discussed as having a “ripple effect,” like a rock being dropped in the water. But when it comes to the effects on manufacturing and shipping, it’s more like an earthquake, with unpredictable aftershocks unleashing chaos in greater magnitude than the original event.

Material shortages, cost increases and shipping challenges have been felt across the board, and roughly 94% of the Fortune 1000 have seen pandemic-related supply-chain disruptions.

In a world where few things are manufactured in the same place they’re ultimately purchased, shipping is among the most crucial links in the supply chain. There is currently a 12-plus-week door-to-door ocean freight delivery extension — and those delays are continuing to grow as consumer spending increases and congestion worsens.

The Port of Los Angeles last year saw more containers than any year in its history, surpassing the previous high-water mark by 13%. While numbers aren’t yet in for March 2022, January and February 2022 have both set new records, suggesting that this year may be even busier.

This volume has created unprecedented strain: During the past few months, The New York Times reports that container ships have been stuck at ports for a week on average, up 4% compared with all of 2021 and an increase of 21% over the start of the pandemic.

The outlook isn’t much better once containers move inland: reports of trains backed up for dozens of miles aren’t uncommon, and trucking companies are facing a worker shortage nearly 80,000 strong.

And while all industries have been shaken up, security vendors and other tech companies have been especially vulnerable to the worldwide shortage of computer chips, with many companies simply unable to supply products to meet their customers’ security needs.

SonicWall’s Secret Weapon: Preparation

But if everyone is experiencing these problems, what are people doing about it? Not much, as it turns out. When consulting firm Alix Partners surveyed 3,000 CEOs in early 2022, fewer than half reported that they were taking longer-term action to ameliorate supply-chain challenges, while a majority said they were instead relying on short-term solutions.

SonicWall has been able to succeed in this climate because it bucked this trend — and it did so early on. The company’s current goal is that any product ordered be “on the shelf” and ready to ship. This has required SonicWall to change many of its internal processes, as well as how the company works with suppliers and ships goods — a process that began long ago.

More than 18 months ago, SonicWall’s operations department began noticing an increase in lead times. The shift was subtle at first, starting with a few decommits from suppliers that were missing their targets by a week or two. Suppliers weren’t yet officially announcing that lead times were going up, but these delays were enough to propel the company’s supply-chain management team into action.

At that time, the company planned roughly six to nine months out. To accommodate increasing delays, the outlook was increased to about 12 months, and since then it’s been extended up to 16 months for some products. These projections have helped ensure that if one part of the supply chain slows down or breaks, partners and customers are impacted as little as possible.

At the same time, SonicWall began working with its suppliers to identify at-risk components, and quickly set about redesigning products (without impacting performance or capabilities) to take advantage of readily available supplies. Using available components not only eases manufacturing, it also eliminates the possibility that a delay at the factory could create timing issues that could plague the process from start to finish.

SonicWall has also embraced flexibility when it comes to shipping. Because the time from when products are picked up from a supplier’s warehouse until the time they arrive at a SonicWall warehouse has increased from four weeks to eight to 12 weeks, supply-chain managers are constantly on the lookout for which ports are likely to be the least congested two to three months from now. And when it becomes difficult to find storage containers or book freight on time, products are also shipped by air when necessary.

While many of SonicWall’s competitors are struggling to fill orders, these steps have ensured that SonicWall has a strong inventory of products on hand and is able to provide customers with the solutions they need, when they need them. If your current security vendor can’t deliver, reach out to a SonicWall expert — you could be up and running by this time next week.

SonicWall SMA 1000 Series Earns Best-Of Enterprise VPNs Award from Expert Insights

SonicWall is pleased to announce that it has been awarded an Expert Insights “Best-Of” award for its enterprise VPN solution: SMA 1000 Series.

SonicWall earned this coveted award thanks to its ability to empower remote workforces without sacrificing security or ease of use. The SonicWall SMA 1000 Series easily handles the influx of remote users on large, distributed networks by enabling organizations to scale up to a million remote VPN users.

“The SMA 1000 Series appliances enable organizations to deliver best-in-class secure access to any network or application, anytime, from anywhere and any device — all while minimizing attack surfaces,” said SonicWall Executive Director of Product Marketing Kayvon Sadeghi. “We are incredibly honored to see our enterprise VPN solution be recognized by Expert Insights.”

Expert Insights’ Best-Of Awards are designed to recognize cloud technology providers across multiple software categories including cloud software, security and storage, highlighting up to 11 vendors in each category.

Best-Of award winners are chosen by Expert Insights’ editors, based on extensive research into each solution’s merits as a solution provider, customer reviews and how they compare to their competitors.

All recipients of these awards were specifically selected for their impressive features, strong capabilities, and positive user experiences. Expert Insights also takes into consideration pricing, target markets and the deployment process when selecting the top vendors.

You can view the full list of Expert Insights award winners here.

Cybersecurity News & Trends

Not only did we pick up more news hits for the 2022 SonicWall Cyber Threat Report, SonicWall saw global reports on the fantastic record-breaking year for its channel partners. Industry news in cybersecurity and hacking didn’t take a pause last week. First, the health care equipment manufacturer Philips discovered a vulnerability in products that use an e-alert system. We’ll wait to see if that item gets more airplay next week. Second, crypto hackers stole more than $600 million from Axie Infinity’s Ronin gaming network, a new record haul. Finally, we found an excellent overview and summary of the “Strengthening American Cybersecurity Act” legislation this month. And in other news, Chinese hackers target VMware with Deep Panda, and hackers are abusing fake emergency subpoenas to force companies to give up important information.

SonicWall News

Apple Forced to Issue Emergency Fixes for Two Zero-Days

IT Wire: Apple issued emergency fixes for two zero-day vulnerabilities that were being exploited in the wild and affected iPhones, iPads, and Macs. In the same report, over the past 12 months, SonicWall threat researchers have diligently tracked the meteoric rise in cyberattacks and trends and activity across all threat vectors.

Cyber Security Risks and Companies’ Readiness

Financial Times: Research from cyber security company SonicWall supports a more positive outlook [that major business recognizes the risks]. “From mid-2020 to 2021, the number of CEOs who said cyber security risks were the biggest threat to short-term growth nearly doubled,” said SonicWall chief executive Bill Conner in its recent cyber threat report.

Cyber Heroes Prepare for Battle

RED/MSU Denver: The bad guys – cybercriminals, in this case – appear to be winning. Ransomware attacks have risen 62% worldwide since 2019 and by nearly 160% in North America, according to a 2021 SonicWall Cyber Threat Report. Last year’s attack on Colonial Pipeline was among those which crippled energy infrastructure that delivers about 45% of fuel for the East Coast. As for the good guys: There aren’t enough of them.

World Backup Day: Building a Tiered Backup Strategy for Ransomware Recovery

ToolBox: In 2021, SonicWall recorded an alarming 623.3 million ransomware attacks globally, averaging 2,170 attempts per customer. With each attack aimed at exploiting weaknesses in IT networks and endpoint devices to inject ransomware, organizations can’t afford to lower their guard for a moment.

Can The Financial Sector Manage Hybrid Working Security?

Finance Monthly: Ransomware is not the only threat, of course. Today, a wide range of attack methods need to be considered and resisted. For example, SonicWall’s Cyber Threat Report recently recorded 56.9 million IoT attacks, 5.6 billion malware attacks, and 4.8 trillion intrusion attempts.

Digital Rights Management Market is Growing at A Rate Of 17% With The Rise In Security Concerns

Globe Newswire (TBRC Business Research): According to the 2021 Cyber Threat Report by SonicWall, there has been a 62% increase in ransomware since 2019. This number is still rising as cybersecurity attacks become more complex and challenging to detect. Digital rights management is also used by healthcare organizations and financial services firms to ensure compliance with data privacy and protection standards such as HIPAA (Health Insurance Portability and Accountability Act) and the Gramm-Leach-Bliley Act (GLB Act or GLBA). Hence, the rise in security concerns is expected to create avenues for the digital rights management market growth.

Mitigating Security Risks Posed by Hybrid Working

TechRadar Pro: A wide range of attack methods need to be considered and resisted. SonicWall’s Cyber Threat Report recently recorded 56.9 million IoT attacks, 5.6 billion malware attacks, and 4.8 trillion intrusion attempts.

SonicWall Posts Record-Breaking Year as Channel Partners Thrive with Unparallel Product Demand

Yahoo Finance (Cision Press Release): Today, SonicWall announced that 2021 was its best year. Propelled by delivering high-demand products, including the evolution of its Generation 7 next-generation firewalls and a laser focus on its customers, SonicWall showed record levels of sales and profitability in 2021.

SonicWall Grew 20% in Iberia, Helped by Its More Than 900 Partners

IT User (Spain): Globally, the company has more than 17,000 active partners, which have increased their market share in key price bands and market segments. SonicWall has grown its new customer base by 33% and its sales to new customers by 45%, and has recorded a 10% increase in partners’ annual recurring revenue.

The Channel Helps SonicWall Reap the Best Result in Its History in 2021

Dealer World (Spain): 2021 can be described as historic for SonicWall, having produced the best results in the company’s history. Driven by sales of high-demand products, including the evolution of its next-generation firewalls, Generation 7, and a 100% customer-focused approach, SonicWall achieved record levels of sales and profitability in 2021, thanks especially to the work of its channel.

SonicWall Confronts Cyberthreats and Increases Opportunities for the Channel

Reseller 15 Años (Mexico): Based on the 2022 SonicWall Cyber Threat Report, the leading vendor in ransomware threat intelligence shared the work it is doing together with its partners to confront the rise in almost all monitored threats, cyberattacks and malicious digital attacks, including ransomware, encrypted threats, IoT malware and cryptojacking.

SonicWall Live-Webinar: Meet the Cybersecurity Requirements of Hybrid Working Models

InfoPoint Security (Germany): Join the SonicWall MINDHUNTER series and learn from security expert Stephan Kaiser what business and security challenges this fast-growing and dynamic IT landscape poses for your IT managers.

SonicWall Reports Record Year for Products and Channel Engagement

Channel Life (Australia): SonicWall has reported its best year on record, attributing it to its new range of products, customer focus and successful channel engagement. Despite challenging economic conditions, the company posted strong financial results, strengthening its pipeline growth. They reported a 33% increase in new customer growth and a 45% increase in recent customer sales.

Industry News

Philips Issues Cybersecurity Warning Over e-Alert MRI Monitoring System

Fierce BioTech: Philips is currently facing a possible hacking risk following the discovery of a vulnerability in its e-Alert MRI monitoring systems. This could be a significant event due to the high use of Philips medical instruments in the U.S. The e-Alert system has sensors that monitor MRI machines, and it issues alarms when specific parameters are exceeded. These include temperature and humidity in the technical and exam rooms and the status of the machine’s power supply. The sensors also monitor the chiller, cryo-compressor, helium levels, and magnet placement.

Hackers Steal Over $600 Million From Video Game Axie Infinity’s Ronin Network

CNN: A new crypto-hack has hit a gaming-oriented blockchain network that supports Axie Infinity. In one of the most significant crypto hacks, hackers stole approximately $625 million in two currencies, Ethereum and USDC. According to a company blog post, attackers stole private keys used to verify transactions on the network and used these keys to forge fake withdrawals. According to the blog post, the network promised to “ensure that no users’ funds were lost.” The company stated that most of the stolen funds are still in the crypto wallet of the hacker.

Three Cybersecurity Fundamentals Businesses Get Wrong

Forbes: What do all businesses, regardless of industry and size, have in common? They are at risk from cybersecurity attacks like ransomware and customer data breaches. These attacks can cause financial ruin for businesses and force them to close. Hiscox, an insurance company, found that cyberattacks had affected one in six companies. At the same time, when businesses spend a lot of money to protect themselves from these types of attacks, they often do it without a plan. Written by a cybersecurity professional who claims to have worked with many financial institutions, this article is well worth reading. It has the perspective of a cybersecurity professional and offers essential insights that many businesses are dealing with today.

An Overview of the Strengthening American Cybersecurity Act

J.D. Supra: President Joe Biden signed the Strengthening American Cybersecurity Act on March 15, 2022. This overview gives us a concise understanding of the act’s provisions and how they may affect business. For instance, the reviewer notes that the act focuses on the need for rapid disclosures and solid protections for private-sector workers in the cybersecurity field. This legislation establishes a cyber incident and ransomware response protocol for businesses that operate in many core sectors of the U.S. economic system. These industries include communications, financial services, chemical, energy, food and agriculture, government facilities, healthcare, transportation, and waste management. The law is not only targeted at organizations that are critical infrastructure but will also have wide-reaching consequences for all businesses.

Local Cybersecurity Gaining Traction

S.C. Media: StateScoop reports on local cybersecurity information sharing and resource sharing. Federal support via the $1 billion cybersecurity grant program has led to increased cyber collaboration among local governments, according to Michael Makstman, San Francisco Chief Information Security Officer, and Greg McCarthy, Boston CISO. As a result, they co-founded The Coalition of City CISOs.

Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit

Hacker News: Deep Panda, a persistent Chinese threat, has been observed exploiting the Log4Shell vulnerability on VMware Horizon servers. The aim was to install a backdoor and a novel rootkit onto infected machines to steal sensitive data. Deep Panda is also known as Shell Crew, KungFu Kattens and Bronze Firestone. Recent attacks have been “targeting technology providers for command and control infrastructure building,” according to Secureworks.

Hackers Abusing Power of Subpoena Via Fake “Emergency Data Requests”

Krebs on Security: Criminal hackers have discovered a terrifying new “method” to steal sensitive customer data from Internet service providers and phone companies. This involves hacking into email accounts linked to government agencies and police departments, then sending unauthorized requests for subscriber information while claiming that the requested information cannot wait for a court order as it is an urgent matter of life or death. The Verge reported that Apple and Meta gave user data to hackers, who feigned emergency request orders usually sent by law enforcement. Both companies gave out user data to hackers in the middle of the massive surge in hacks SonicWall reported last year.

When federal, state, or local law enforcement agencies want to know who owns a particular account at a social networking firm, or which Internet addresses that account has used previously, they must submit a court-ordered warrant. A fake emergency request sidesteps that entire legal process. Most of the bad actors who make these fake requests are teenagers. According to Bloomberg, cybersecurity researchers believe the teen mastermind behind the Lapsus$ hacking organization may have inspired the group to take this type of action. Another group called the Recursion Team might be responsible for last year’s string of similar attacks. While that group has since disbanded, some of its members joined Lapsus$ under different names. Bloomberg was informed by officials involved in the investigation that hackers had accessed accounts in several countries and targeted numerous companies over a few months beginning in January 2021.

In Case You Missed It