Cybersecurity News & Trends Blog Cover

Cybersecurity News & Trends – 04-08-22


SonicWall keeps up the pressure in global trade news with more ink for the 2022 SonicWall Cyber Threat Report and general mentions from online magazines that cater to cybersecurity vendors. In cybersecurity news, several topics received strong coverage: analysis of the vulnerabilities found in data centers and an inside perspective on the US-China cyberwar. In other news, a breakdown of three major SaaS attacks, Block (formerly Square) reports a massive breach of customer data, Russian-state media hacked by Anonymous, and the FBI says they stopped a Russian Botnet attack.

SonicWall News

Cyber Threats Surge as Government And Private Industry Try To Keep Up

NPR-Wisconsin Public Radio: According to the SonicWall Cyber Threat Report, ransomware attack volume increased 105% in the last year and has been up 232% since 2019. We hear from cybersecurity experts on what’s being done by the government and the private sector to push back against the flood of digital and online threats.

How can Healthcare Prepare for a “WannaCry 2”?

Healthcare Innovations: Governments worldwide saw a 1,885% increase in ransomware attacks in 2021, and the healthcare industry faced a 755% increase in those attacks, according to the SonicWall 2022 Cyber Threat Report. Of the victims, the United States came out on top. Most of these attacks have been found to have originated in Russia.

Russia-Ukraine Conflict: The Time for Cybersecurity Is Now

Seeking Alpha: Cybersecurity has always been a concern for individuals, corporations, and governments. However, the current conflict exacerbates the broader trend of attacks as they continue to increase in size, volume, and sophistication. This poses significant financial, reputational, and legal risks for the agencies targeted. For example, according to security provider SonicWall, ransomware attacks climbed an unprecedented 105% year-over-year in 2021 to 623.3M attacks. In addition, encrypted threats increased 167% year-over-year to 10.1 million, almost as many as 2018, 2019, and 2020 combined.

Buncombe County IT Requests Extra Funding to Bolster Cybersecurity

ABC 13 News (North Carolina): Buncombe County’s IT department wants to enhance its cyberdefense. County commissioners will consider a request from Buncombe County IT for $225,197 to augment and strengthen the county’s cybersecurity program. Governments worldwide saw a 1,885% increase in ransomware attacks, according to the 2022 Cyber Threat Report released by SonicWall, an internet cybersecurity company.

Mafia Moves: How to Combat Ransomware Extortion

Security Magazine (Event Announcement): Ransomware is big business, and no company is immune. In fact, ransomware attacks doubled last year, jumping 105% compared to 2020 (SonicWall). A ransomware attack can devastate a company by encrypting all its data and offering only one viable path to recovery: money. In this session, we will walk you through the anatomy of a ransomware attack, where you will learn step by step what to expect.

Ransomware Response: 5 Steps to Protect Your Business

Techspective: Last year was the most costly and dangerous year for businesses dealing with ransomware attacks. According to network security experts, by Q3 2021, SonicWall was reporting an almost 150% increase in ransomware attacks worldwide.

SonicWall: Security That Can be Licensed

CRN (Poland): SonicWall celebrated its 30th-anniversary last year. During this time, he developed solutions that make up an integrated security environment that has gained the recognition of industry experts and millions of satisfied customers worldwide.

SonicWall’s Next-Generation Wi-Fi Solution for Small And Medium-Sized Enterprises

BCN (Japan): With the promotion of workstyle reforms and the scourge of corona, even small and medium-sized enterprises are becoming more mobile within the company. However, the security measures of the introduced Wi-Fi products are vulnerable, and there are conspicuous dangerous cases where they are exposed to the risk of unauthorized access and malware from the outside. SonicWall Japan’s enterprise Wi-Fi solution has advanced security functions that provide real-time protection from known / unknown threats and management tasks that reduce person-hours at the time of introduction and significantly reduce the time and effort of the administrator.

Industry News

Physical Infrastructure Cybersecurity: A Growing Problem for Data Centers

Facility managers have more control over modern data center infrastructure management platforms (also known as ‘DCIM’) and other tools. As a result, managing data centers is now more efficient, scalable, faster and more effective than ever before. And, as it turns out, their physical infrastructure is now more vulnerable to cyberattacks than ever before. According to DataCenterKnowledge, research revealed that thousands of data center management systems were exposed to the Internet. Any attacker who has access to infrastructure management platforms may be able to manipulate cooling systems, which can cause servers to overheat and damage critical components. They could also upload malicious backup files or disrupt backup processes. In addition, The Hacker News reported that attackers can now remotely hack and disable uninterruptible power supply systems if they have dashboards accessible via the Internet. Dark Reading noted that the Cybersecurity and Infrastructure Security Agency (CISA) and Department of Energy (DoE) distributed a joint alert last week that threat actors are hacking Internet-connected uninterruptible power supply (UPS) devices typically via default username and password combinations.

Russian-Backed Hackers Spreading Disinformation on Facebook

The Hill: A new Facebook report found that government-affiliated hackers from Russia and Belarus attempted to use the social media platform for cyber espionage and disinformation campaigns targeting Ukrainians. The hackers attacked the Ukrainian telecom industry and defense and energy sectors. They also targeted tech platforms, journalists, activists, and tech platforms. Facebook claimed it had stopped a disinformation campaign associated with the Belarusian KGB. It posted that Ukrainian troops were surrendering and that leaders fled the country after Russia invaded. The tech company claimed it had disabled the account and ended the campaign the same day. In a related report, CNN reported that Ukrainian soldiers found their Facebook accounts targeted by hackers, some posing as journalists and independent news outlets online to push Russian talking points, running coordinated campaigns to get posts by critics of Russia removed from social media. And The Verge reported that hackers also planted false reports of a Ukrainian surrender into on-screen messages during live broadcast news. Though such statements are quickly disproved, experts have suggested that their purpose is to erode Ukrainians’ trust in media.

Hacked: Inside the US-China Cyberwar

AlJazeera: The United States has a long history of cyberespionage. However, cyberespionage has also been a long-standing problem for the government and private businesses in the United States. The Chinese government has been enhancing its technological, economic and military capabilities to be a global leader in cyberwarfare since the late 90s. Experts claim that China is now welcoming its citizen hacker group as a resource to combat aggressive actions by US-based attackers. Once thought to be patriotic internet nerds, Chinese hackers emerge in the mainstream as China and the US fight in cyberspace. There are also many allegations that Chinese hackers are state-sponsored. In a separate report, Bloomberg says suspected state-sponsored Chinese hackers recently targeted India’s power generation sector as part of an apparent ongoing cyber-espionage campaign.

Breaking Down 3 SaaS App Cyber Attacks in 2022

The Hacker News: Three major tech companies, Okta and HubSpot, reported data breaches last week. The first two were performed by DEV-0537 (also known as LAPSUS$). This highly skilled group uses state-of-the-art attack vectors with great success. The identity of the HubSpot attackers was not revealed. This article is on our recommended reading list. It provides a solid forensic examination of the evidence behind the three breaches, based on publicly available information with best practices that could help reduce the chance of attacks for other companies bracing for more attacks.

Block Confirms Cash App Breach After Former Employee Accessed US Customer Data

TechCrunch: Block has confirmed a data breach involving a former employee who downloaded reports from Cash App that contained some US customer information. In a filing with the Securities and Exchange Commission (SEC) on April 4, Block — formerly known as Square — said that the reports were accessed by the insider on December 10. Mashable reported separately that the company notified 8.2 million US customers of the data breach, noting that the compromised data included their customers’ full names and brokerage portfolio values.

Anonymous Affiliate NB65 Breached State-Run Russian Broadcaster

HackRead: NB65 (Network Battalion 65) is a hacker group linked with the Anonymous hacktivist collective. The group claims to have breached the servers of Russian state-run television and radio broadcaster called the “All-Russia State Television and Radio Broadcasting Company” (VGTRK). The data leak reportedly contains 4,000 files and more than 900,000 emails from VGTRK.

FBI Says It Disrupted Russian Hackers

Reuters: The FBI says that its cyber defense unit wrested control of thousands of routers and firewall appliances away from Russian military hackers by hijacking the same infrastructure Moscow’s spies were using to communicate with the devices, US officials said on Wednesday. An unsealed redacted affidavit described the unusual operation as a pre-emptive move to stop Russian hackers from mobilizing the compromised devices into a “botnet” – a network of hacked computers that can bombard other servers with rogue traffic. FoxNews reports that the attack involved thousands of infected network hardware devices under the control of a threat actor known as Sandworm, which the US government previously attributed to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (the GRU). The Daily Mail (UK) added that the FBI stopped the attack by hijacking the same infrastructure Moscow’s spies used and stopping the botnet in its tracks. It’s important to note the unusual nature of this operation, a pre-emptive move to prevent some Russian hackers from mobilizing the compromised devices. ‘Botnet’ is a network of hacked computers that can bombard servers with traffic.

In Case You Missed It

SonicWall Staff