SonicWall's weekly Cybersecurity News and Trends.

Cybersecurity News & Trends – 06-24-22

By

Curated stories about cybersecurity news and trends from major news outlets, trade pubs and infosec bloggers.

SonicWall finishes an intense week with news articles citing the 2022 Cyber Threat Report, a quote from Bill Conner, and articles written by our frontline cybersecurity experts. From industry news, we have three big reads. One is about the day the Internet died a few hours earlier in the week, compiled from posts by Computer WorldBleeping Computer, and ZDNet. From Bleeping Computer, we learned that Conti was busy with the ARMattack campaign, ransoming 40 organizations in only one month. Finally, from Dark Reading and CSO Online, according to researchers, there are 56 vulnerabilities in operational technology products used in everything from factories to hospitals. Is our technology insecure by design?

Remember, cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Best Practices for Protecting Against Phishing, Ransomware and Email Fraud

CXOtoday (India), SonicWall Byline: Security teams and the organizations they support live in difficult times: they increasingly are the targets of sophisticated threats developed by a shadowy and very well financed cybercrime industry that has demonstrated it can often outsmart even the most robust security defenses.

Dicker Data, Hitech Support, Next Telecom, Datacom score SonicWall Honors

CRN (Australia), SonicWall News: “SonicWall has awarded Australian partners Dicker Data, Hitech Support, Next Telecom, Datacom System and Dell Australia for their work at its Asia-Pacific Partner Awards for the 2022 financial year.”

What is a Cyberattack? Types and Defenses

eSecurity Planet, SonicWall Threat Report Mention: Driven by the global pandemic, the increase in remote and hybrid work, and unprepared network defenses, cyberattacks have been rising exponentially. The 2022 SonicWall Cyber Threat Report found that all types of cyberattacks increased in 2021. Encrypted threats spiked 167%, ransomware increased 105%, and 5.4 billion malware attacks were identified by the report.

Ransomware, the Cyberattack that Set Off Alarms in Latin America

Forbes Colombia, SonicWall Threat Report Mention: The Cyber Threat Report 2022 of the US firm SonicWall, shows a rebound of 105% in data hijacking last year, surpassing 623 million attacks worldwide – almost twenty attempts per second – with the United States in the lead (421 million or 67.5% of the total).

Buy Access to a Company’s Data on the Dark Web for Less Than The Cost of a MacBook

Tech Radar Pro, Bill Conner Quote: “Ransomware attacks have simply exploded last year. Recent figures from SonicWall recorded more than 600 million ransomware attacks took place across the world in 2021, representing an increase of 105% compared to the year before. Compared to 2019, the figures are even worse, showing a rise of 232%. Cyberattacks become more attractive and potentially more disastrous as dependence on information technology increases,” said SonicWall President and CEO Bill Conner.

Russia’s Invasion of Ukraine Elevates Cybersecurity Concerns for Emerging Markets

Oxford Business Group, Threat Report Mention: According to security vendor SonicWall, ransomware attacks were up 105% in 2021, including a 1885% increase in attacks on government agencies, 755% in the health care sector, 152% in education and 21% in retail.

Fortinet vs. SonicWall: Enterprise Wireless LAN Comparison

Enterprise Networking Planet, Product Comparison: Fortinet and SonicWall are both well regarded enterprise wireless LAN vendors. This article will help you decide which solution is best for your business.

Detecting the Silent Cryptojacking Parasite to Remain Disease-free

Teiss, Published Byline: Immanuel Chavoya at SonicWall describes the dangers of cryptojacking, a damaging and parasitical use of an organization’s computer resources.

Digital Infrastructure Becomes Pivotal for Businesses and Personal Lives

Markers (APAC), SonicWall Executive Interview: Digital transformation is disrupting businesses across the globe as digital infrastructure becomes pivotal for the success and survival post-Covid-19. Over the years since the pandemic hit, we have witnessed a huge surge in digital platforms and tools used in business operations which in turn has increased the risk of cyberattacks. At this junction, the role of next-gen cyber security solution provider plays a significant role. Here is an interview with Debasish Mukherjee, Vice President, Regional Sales, APJ at SonicWall sharing his views on the cybersecurity market post-pandemic, threats to businesses, key cybersecurity recommendations, and how SonicWall can help organizations overcome these challenges.

Industry News

Half of the Internet died earlier this week

Compiled from Multiple Sources: A server outage at Cloudflare’s servers led to many websites and services going down. The resulting blackout affected significant services like Google, AWS and Twitter. Although the online security company quickly identified and fixed the problem (the service was down for a few minutes), it created a flurry of worry and spun up rumors about the cause.

Initially, we were all left in the dark about the nature of the blackout, which was even more worrisome as ComputerWorld reported major disruptions to large areas. Customers trying to access Cloudflare-supported websites experienced ‘500 errors’ (Internal server errors) for approximately two hours before the service was restored around 9 am GMT.

Bleeping Computer reported that the event was reminiscent of another outage when Cloudflare stopped a 26 million request-per-second DDoS attack, which was the most severe ever recorded. The record-breaking attack, which occurred last week, targeted one of Cloudflare’s customers using the Free plan. Experts speculated that the threat actor behind the attack used stolen servers and virtual machines, as it originated from Cloud Service Providers rather than weaker IoT devices from compromised Residential Internet Service Providers.

ZDNet updated the story with a Cloudflare apology that blamed the outage THIS week on a configuration error during a “routine” network upgrade.

Conti Ransomware Hacking Spree Breaches Over 40 Orgs in a Month

Bleeping Computer: Conti is a cybercrime syndicate that runs one of the most aggressive ransomware campaigns. It has become highly organized to the point where affiliates were able to hack more than 40 primarily US-based businesses in just over a month.

Security researchers identified the hacking campaign as “ARMattack” and said it was one of the group’s most productive and effective. ARMattack was also very fast, considering how quickly the group compromised the networks. Additionally, the ransom requested by the attacker is unknown, nor do we know if any victims paid it.

Bleeping Computer also claims Conti is currently the third most frequent ransomware gang in terms of attack frequency.

The number of victims who have not paid Conti ransoms increased to 859; however, this count is based only on publicly available data on the group’s leak site and is probably higher.

This number shows that Conti has published data from at least 35 organizations that did not pay ransom each month.

Insecure By Design: 56 Vulnerabilities Discovered in OT Products

Dark Reading: A new analysis of data from multiple sources has uncovered 56 vulnerabilities in Operational Technology (OT) products from 10 vendors, including notable ones such as Honeywell, Siemens, and Emerson.

These security issues are collectively called OT.ICEFALL. They stem from insecure cryptographic implementations, weak authentication schemes or weak cryptographic implementations, insecure firmware updates mechanisms and improperly protected native functionality, which hackers can use for remote code execution. CSO Online reports that 14% of the vulnerabilities could lead to remote code execution, and 21% could allow for firmware manipulation.

The problem stems from device vendors not including basic security features like encryption and authentication. Plus, these vulnerable devices are often installed in older products that their owners continue to use, even though there are better options. So now we have the element of false confidence as many vulnerable products have been subject to an audit and are now certified as safe for OT networks.

Researchers compared their findings with those from Project Basecamp, conducted ten years ago. Then as now, they focused on insecure-by design problems in remote terminal units (RTUs), programable logic controllers (PLCs), and other controllers in SCADA (Supervisory Control and Data Acquisition) used in industrial installations.

The bottom line: the vulnerabilities are still present.

In Case You Missed It

Enhance Security and Control Access to Critical Assets with Network Segmentation – Ajay Uggirala

Office Documents are Still Not Safe for Cybersecurity – Ray Wyman

Three Keys to Modern Cyberdefense: Affordability, Availability, Efficacy – Amber Wolff

BEC Attacks: Can You Stop the Imposters in Your Inbox? – Ken Dang

SonicWall CEO Bill Conner Selected as SC Media Excellence Award Finalist – Bret Fitzgerald

Cybersecurity in the Fifth Industrial Revolution – Ray Wyman

What is Cryptojacking, and how does it affect your Cybersecurity? – Ray Wyman

Why Healthcare Must Do More (and Do Better) to Ensure Patient Safety – Ken Dang

SonicWall Recognizes Partners, Distributors for Outstanding Performance in 2021 – Terry Greer-King

Anti-Ransomware Day: What Can We Do to Prevent the Next WannaCry? – Amber Wolff

CRN Recognizes Three SonicWall Employees on 2022 Women of the Channel List – Bret Fitzgerald

Enjoy the Speed and Safety of TLS 1.3 Support – Amber Wolff

Four Cybersecurity Actions to Lock it All Down – Ray Wyman

Understanding the MITRE ATT&CK Framework and Evaluations – Part 2 – Suroop Chandran

Five Times Flawless: SonicWall Earns Its Fifth Perfect Score from ICSA Labs – Amber Wolff

NSv Virtual Firewall: Tested and Certified in AWS Public Cloud – Ajay Uggirala

How SonicWall’s Supply-Chain Strategies Are Slicing Wait Times – Amber Wolff

SonicWall SMA 1000 Series Earns Best-Of Enterprise VPNs Award from Expert Insights – Bret Fitzgerald

World Backup Day: Because Real Life Can Have Save Points Too – Amber Wolff

CRN Honors SonicWall With 5-Star Rating in 2022 Partner Program Guide – Bret Fitzgerald

Cyberattacks on Government Skyrocketed in 2021 – Amber Wolff

Meeting the Cybersecurity Needs of the Hybrid Workforce – Ray Wyman

Third-Party ICSA Testing – Perfect Score Number 4 – Kayvon Sadeghi

Ransomware is Everywhere – Amber Wolff

Shields Up: Preparing for Cyberattacks During Ukraine Crisis – Aria Eslambolchizadeh

SonicWall Staff