Cybersecurity News & Trends for September 2, 2022

Read a curated collection of stories about cybersecurity news and trends that really matter to all of us.

As SonicWall pushes delivery of Wi-Fi 6 Wireless Access Points, the international trade press is celebrating with a steady flow of ink. In the meantime, here’s something a little different for our “Big Read” of Industry News, focusing on rising threats rather than the ones that have already hit. First, thanks to Hacker News and CyberWire, we learned that over 1,800 poorly scripted mobile apps have hard-coded Amazon Web Services credentials, which means that hackers can harvest them! Then from ProPublica and CNET, there’s the story about how the desire to become a social media influencer outweighs common sense cybersecurity safety. This one just blew our minds. And finally, from AP News and Electronic Frontier Foundation, a new tech tool that gives police departments a mass surveillance system ‘on a budget.’ It’s not big news yet, but we’re pretty sure it will be.

Remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Kansas Most at Risk for Malware Attacks

Fox 4 News Kansas City, SonicWall News: SonicWall reports that malware dropped 4% year over year in 2021, with a total of 5.4 billion hits reported by the firm’s devices around the world. The company detected 2.9 billion malware hits on their US sensors in 2021. Florida saw the most malware hits with 625 million in 2021. The state didn’t appear on the latest list, indicating that these attacks can be successfully thwarted by technologies like antivirus software and firewalls.

Our Success Is Based on The Philosophy Of Knowledge Building And Sharing

Digital Terminal (India), SonicWall News: Commenting on the increasing cyber incidents, Debasish Mukherjee, Vice President, Regional Sales APJ, SonicWall Inc said, “Across the globe, we saw that pandemic while stretched companies’ networks, accelerated their digital transformation, on the downside exposed them to more cybercrime. Cybersecurity has become much more important in today’s times than ever before. The global cyber security market is estimated to record a CAGR of 10.5% over the forecast period of 2022 to 2032.”

SonicWall Boosts Wireless Play with Ultra-High-Speed Wi-Fi 6 Access Points

European Business Magazine, SonicWall News: SonicWall today announced the introduction of the new Wi-Fi 6 wireless security product line, which provides always-on, always-secure connectivity for complex, multi-device environments.

SonicWall Boosts Wireless Play with Wi-Fi 6 Access Points

Electronic Specifier, SonicWall News: SonicWall has announced the introduction of the Wi-Fi 6 wireless security product line, which provides secure connectivity for complex, multi-device environments.

SonicWall Ships Wi-Fi 6 Wireless Access Points

Channel Pro Network, SonicWall News: SonicWall has introduced a pair of remotely manageable Wi-Fi 6 access points designed to secure wireless traffic while boosting performance and simplifying connectivity. The SonicWave 641 and SonicWave 681, part of the vendor’s new SonicWave 600 series, are based on the 802.11ax standard, which according to SonicWall can increase overall wireless throughput by up to 400% compared to Wi-Fi 5 technology and reduce latency by up to 75%.

10 States Most at Risk for Malware Attacks

Digital Journal, SonicWall News: Malware attacks—when an intruder tries to install harmful software on the victim’s computer without their knowledge—are a huge problem around the world. Beyond Identity collected data from the 2022 SonicWall Cyber Threat Report to rank the top 10 US states that are the most at risk for malware attacks.

Managing Risk: Cloud Security Today

Silicon UK, Bill Conner Quoted: GCHQ advisor and cybersecurity veteran at SonicWall, Bill Conner, commented on the rise in attacks: “We are dealing with an escalating arms race. At the same time, threat actors have gotten better and more efficient in their attacks. They are now leveraging readily available cloud tools to reduce costs and expand their scope in targeting additional attack vectors. The good news is, that the cybersecurity industry has gotten more sophisticated in identifying and stopping new ransomware strains and protecting organizations.”

Norway’s Oil Fund Warns Cybersecurity is Top Concern

The Financial Times, Bill Conner Quoted: Perpetrators can range from private criminal groups to state-backed hackers. Russia, China, Iran and North Korea are the most active state backers of cyber aggression, according to Bill Conner, executive chairman at SonicWall. “As sanctions go up, the need for money goes up as well,” he said. A cyber security expert who advises a different sovereign wealth fund said the “threat landscape” for such groups was “massive.” “When it comes to ransomware, about half of network intrusions are phishing attempts and the other half are remote access attacks using stolen credentials. You’ve also got insider threats [involving] someone with a USB drive, and sometimes people with access are just bribed,” he added.

How to be Ransomware Ready in Four Steps

Security Boulevard, SonicWall Threat Report Mention: 2021 was a breakout year for ransomware, growing 105% and exceeding 623.3 million attacks, according to SonicWall’s 2022 Cyber Threat Report.

SonicWall’s New CEO on M&A, Channel Commitment and the Biggest Cyber Threats

CRN, SonicWall Mention: Bob VanKirk took command of the platform security vendor on Aug. 1, six years after the company’s spin-off from Dell Technologies.

New SonicWall CEO Bob VanKirk on XDR, SASE & Going Upmarket

Information Security Media Group, SonicWall Mention: New CEO Bob VanKirk wants to capitalize on SonicWall’s distributed network technology and strength in the education and state and local government sectors to expand beyond the company’s traditional strength with small and mid-sized businesses and into larger enterprises. VanKirk says the company’s new high-end firewalls and security management capabilities should be a natural fit for larger customers.

Industry News

We have several stories that caught our eye for the week’s big read – all presenting serious threats to cybersecurity.

Over 1,800 Android and iOS Apps Leaking Hard-Coded AWS Credentials

More than 1,800 poorly scripted mobile apps have hard-coded Amazon Web Services credentials. The astounding part of this news is that many of these tokens gave access to millions of private files stored in Amazon S3 storage boxes. Hackers may have already harvested the tokens hidden in the code of the apps. Companies that the app developers created would be the victims, certainly, but so could any related apps.

Hacker News reports that many of these hard-coded access keys may have been accidentally added to apps by developers who thought they were adding trusted components to their code. For example, they may have used a hard-coded key to perform a function but forgot to limit the time it was active for security reasons. Half of the apps used the same AWS tokens as other apps by developers or companies. This highlights a severe supply chain problem with profound implications.

CyberWire adds that of the 1,800 apps identified in the breach, 98% were iOS apps. Additionally, 77% contained valid AWS tokens that allow access to AWS cloud services, and 47% included tokens that gave access to multiple files via the Amazon Simple Storage Service. Interestingly, over half of the AWS tokens discovered were used in other apps, even from differing developers and companies, and were traced to shared components within apps.

How The Desire to Influence Outweighs Common Sense Cybersecurity Safety

ProPublica published a detailed story about a scheme that netted several high-profile social media influencers – all in a plot to capture the all-important “blue check” which verifies the individual is whom they say they are. In one particularly sordid case involving Instagram and an influencer physician, medical patients were abused and had, in turn, launched an unrelated class-action lawsuit against him. But the focus is on how the physician received his “blue check mark.” Apparently, he devised a process to trick Meta (the owner of Instagram and Facebook), then went on to use the same scheme to verify hundreds of other accounts, including jewelers, crypto entrepreneurs, OnlyFans models and reality show TV stars.

While the dust settles on that event, now it appears that Instagram users are being suckered into giving away their passwords and personal information. How? They are falling for successor phishing offers to verify their profile with a fake blue checkmark badge process. The victim thinks the offer comes from Instagram and clicks a link to fill in the attached form.

CNET reports that researchers say the campaign begins with an email that is very easy to spot for grammatical errors and bad formatting. The fact is, Meta never reaches out to contact users for creating a blue badge. But that doesn’t sway people. The scam is so successful simply because the desire to appear influential is so powerful.

Data Tool Offers Police Mass Surveillance ‘On-a-Budget’

We noticed that a lot of bloggers picked this story up and thought we’d also go directly to the source because it was so remarkable. According Associated Press, about 24 US police departments are now using a data tool that takes derivative cellphone data to keep track of the movements of suspects. Police don’t need a search warrant to access location data. The data is collected by mobile apps such as Waze, Starbucks, and other companies which is then sold to a company named Fog Data Science.

This company harvests the advertising ID tags that are placed on individuals’ smartphones by the mobile applications they downloaded. Note that the advertising ID tag differs from the ID numbers that’s assigned to each phone by the cellphone carrier. The implication, since people don’t have to install apps on their phones, they’ve given permission to be tracked by a third-party who sells their data through an open user agreement. So, the big question is how this process affects state and federal privacy laws. While the idea seems like a cost-saving boon for cash-strapped police departments, the Electronic Frontier Foundation has also reported on this issue, noting that while the so-called derivative advertising identification data that police scan does not produce users’ names or addresses, such data can be cross correlated by following the data to a workplace or residential address. This is definitely a case to watch.