Cybersecurity News & Trends
This week, SonicWall generated an excellent balance of press ink for the 2022 SonicWall Cyber Threat Report, product mentions, Bill Conner, and two articles that feature the company and its products. Very well done! In industry news, we see that Microsoft is taking the hacks of its MSO line of products very seriously and showing some success. Hackers claim to have hacked several Russian institutions with a “barrage” of cyberattacks. Meanwhile, hackers “DeFi” cryptocurrency security measures with new attacks. And among the top state-sponsored cyber hackers, North Korea earns recognition as truly the weirdest.
CSO Magazine, Product Mention: For example, SonicWall’s Mobile Connect supports Ping, Okta and OneLogin identity providers.
PYMNTS.com, Threat Report Mention: That comes as ransomware is exploding, with attacks up 105% last year, according to the 2022 Cyber Threat Report released in February by cybersecurity company SonicWall.
The New Stack, SonicWall Threat Report Mentioned: You may ask, “Is ransomware really that bad?” It is. Last year, network security vendor SonicWall called 2021 The Year Of Ransomware thanks to an average of 1,748 ransomware attempts per customer by the end of September. Altogether SonicWall reported spotting a crazy 495 million ransomware attempts by the end of September.
Honolulu Daily Advertiser, SonicWall Threat Report Mentioned: SonicWall’s 2022 Cyber Threat Report revealed that Hawaii is one of the top 10 riskiest states for malware.
The Register, SonicWall’s Bill Conner Quoted: Another example of how relentless cybercriminals are in their search for profit. Holding victim organizations’ business hostage uniquely impacts retailers and other organizations that provide daily, direct services to their customers. Such attacks directly affect the victim’s revenue generation and thus provide additional leverage to the attackers.
Tech Register, 2022 Threat Report Mention: According to the 2022 Cyber Threat Report from SonicWall, two industries saw large spikes in malware in 2021: healthcare (121 percent) and government (94 percent). In North America, ransomware rose 104 percent in 2021, according to the report, just under the 105 percent average increase worldwide.
Today’s Firewall is More Important in a Multi-Perimeter World; New Cornerstone for Enterprise Security
SME Channels, SonicWall feature: With increasing numbers of devices and remote workers, enterprises are facing even more daunting challenges in protecting the business. Many enterprises, educational institutions, and government agencies have deployed several stand-alone appliances and disjointed defenses, which include traditional firewalls.
Security Boulevard, Blog Featuring SonicWall NSv: SonicWall firewalls are widely used by managed service providers (MSPs) to provide affordable and effective perimeter security. The NSv is a next-generation firewall that runs in the cloud, or as a virtualized device in your data center, thereby reducing the costs of buying an appliance. JumpCloud reduces the management overhead for your IT department.
Security Boulevard, SonicWall Cyber Threat Report Mention: Last year was the most costly and dangerous year on record for businesses dealing with ransomware attacks. That’s according to network security experts, SonicWall, who by Q3 2021 were reporting an almost 150% year-on-year increase in ransomware attacks worldwide.
Tech-Co: In a story also reported by Microsoft and Hacker News, big moves against hackers have at least disrupted their activities for now. Microsoft’s Digital Crimes Unit obtained a court order from the United States District Court for the Northern District of Georgia allowing it to take control of 65 domains the ZLoader gang used to control, grow and communicate with its botnet. These domains have been directed to a Microsoft sinkhole, where they are no longer available to the criminal botnet operators. In addition, ZLoader embeds a domain generation algorithm (DGA) in the malware. This allows ZLoader to create additional domains that can be used as a backup or fallback communication channel. The court order also allows Microsoft to control 319 other DGA domains.
During the group’s investigation, they discovered that Denis Malikov, from Simferopol, Crimea, was one of the criminals responsible for creating a component in the ZLoader botnet used to distribute ransomware. The group notes that the legal action was the culmination of months of investigations that began before the conflict in the region.
Microsoft claimed that the operation was carried out in partnership with ESET, Lumen’s Black Lotus Labs, Palo Alto Networks Unit 42 and Avast.
WIRED Magazine cautions that while actions like these are heartening, this is no time to be complacent. According to SonicWall’s 2022 Cyber Threat Report, attacks in the United States and all over the globe reached a fever pitch by 2021. Private companies and governments have made the most comprehensive promises to stop such attacks and eliminate the cybercriminal community. These efforts have been highlighted by a flurry of activity over the past weeks. Nevertheless, cybercrime remains at an all-time high, and researchers warn that there is no one solution.
New York Times: Hackers claim that they have hacked into Russian institutions dozens of times in the last two months. This includes the Kremlin’s internet censor and one of its primary intelligence services. In an extraordinary hack-and-leak campaign, they also leaked internal documents and emails to the public.
The leaked information includes names of Russian soldiers who operated in Bucha, where there was a massacre of civilians, and of agents of the FSB (a principal Russian intelligence agency), along with other identifying information such as dates of birth and passport numbers.
Much of the data is difficult to verify by nature. The FSB is an intelligence agency and would not confirm the identity of its officers. Even the organizations that distributed the data warned that files taken from Russian institutions might contain malware, manipulated or faked information, and other tripwires.
Researchers say that some data could also be recycled from prior leaks and presented as new to boost hackers’ credibility artificially. The data could also be propaganda, which is not unusual for Russia and Ukraine’s ongoing cyberconflict.
SC Media: In recent years, decentralized finance (DeFi) platforms have seen much popularity. They have attracted much attention from the bad guys, too.
According to research by Chainalysis, cryptocurrency transfers from illegal digital wallets have risen nearly 2,000% to the DeFi platform between 2020 and 2021. Although malfeasance is decreasing, cryptocurrency and DeFi networks are booming. Chainalysis found that 2021 was the third year in a row where cryptocurrency exchanges didn’t process more than half their transactions for bad actors. Chainalysis also discovered $8.6 billion worth of cryptocurrency transferred from illegal wallets to services between 2021 and 2021.
This is a growing problem for crypto finance as a whole. Nearly $3.2 billion has been stolen from DeFi systems. $1.3 billion was taken during the first quarter. Two years ago, DeFi was responsible for less than 30% of all digital data stolen. According to Chainalysis research, hackers took 97% of the cryptocurrency stolen this year from DeFi platforms.
Washington Post: North Korea is a standout among the global pantheon of government-backed hackers. Not only does it have a lot of activity, but its weirdness also makes it stand out in the hacker world. Its hackers are more likely than others to steal cryptocurrency. Most of the money is used to finance the nation’s nuclear program and other government operations.
The Lazarus Group, Pyongyang’s most prominent hacking gang, has recently been in the news for its brazen theft of more than $600 million in cryptocurrency via the Axie Infinity video game. This is just the latest in a series of significant cryptocurrency thefts.
But things get more bizarre, especially when contrasted with other state hacks that usually target US and European government offices. For example, North Korea’s 2014 hack of a movie theater — Sony Pictures Entertainment — was to settle a dispute over a negative portrayal of its dictator Kim Jong Un.
Reuters reported further that the UN monitors of North Korean sanctions enforcement reported that cybercrime was vital for Pyongyang’s ability to finance banned weapons programs. The UN body stated that cyber activity was essential for North Korea to evade UN sanctions and raise money for its missile and nuclear programs. However, the biannual reports of the experts’ panel did not reflect this because member states were reluctant to report breaches.
In Case You Missed It
NSv Virtual Firewall: Tested and Certified in AWS Public Cloud – Ajay Uggirala
CRN Honors SonicWall With 5-Star Rating in 2022 Partner Program Guide – Bret Fitzgerald
Cyberattacks on Government Skyrocketed in 2021 – Amber Wolff
Third-Party ICSA Testing – Perfect Score Number 4 – Kayvon Sadeghi
Ransomware is Everywhere – Amber Wolff
Shields Up: Preparing for Cyberattacks During Ukraine Crisis – Aria Eslambolchizadeh
Break Free with SonicWall Boundless 2022 – Terri O’Leary
Don’t Let Global Supply Chain Issues Impact Your Security – Kayvon Sadeghi
Unpacking the U.S. Cybersecurity Executive Order – Kayvon Sadeghi
Everything Old Is New Again: Remote Access Comes Full Circle – James Whewell
How SonicWall ZTNA protects against Log4j (Log4Shell) – Rishabh Parmar