The Art of Cyber War: Sun Tzu and Cybersecurity

Weighing the lessons of Sun Tzu and how they apply to cybersecurity.

Sun Tzu sought to revolutionize the way war was fought. That’s saying quite a bit, since he was born in 544 BCE and lived during an era when most wars were little more than gruesome bludgeoning events between one or more groups armed with axes, clubs and sharp sticks.

While not much information about Sun Tzu’s life has survived, we know he was employed by the then-ruler of the Kingdom of Wei in what is now the northeastern heart of China. He was a Chinese general and philosopher who envisioned the psychological aspects of war, which was a completely original approach to armed conflict in ancient China.

Many historians believe Sun Tzu’s book was intended to help his colleagues engage in the many regional conflicts they faced. Today, Sun Tzu’s The Art of War is a bestseller that has transcended 2,000 years and hundreds of wars. The book has become a kind of Rosetta Stone of military theory, cited by theorists and translated well beyond the battlefield to gain prevalence in business schools worldwide and now cybersecurity.

The Art of Cyberwar: preparation.

Adapting Sun Tzu’s many well-known quotes to cybersecurity is pretty straightforward. We looked for three that could best describe important aspects of cybersecurity: preparation, planning and knowledge. For preparation, we settled on a re-quote of this well-known warning:

Cyber warfare is of vital importance to any company. It is a matter of life and death, a road to safety or ruin.

Despite his military background, Sun Tzu claimed that direct fighting was not the best way to win battles. But when fighting was necessary, it was wise to carefully prepare for every possibility. That’s the lesson commonly ignored by companies who, after a severe breach, found themselves fined, shamed and scorned because they neglected their network security and failed to protect themselves from attackers. To prepare, we not only need the most advanced technology possible, but we must also train the workforce and make cybersecurity everyone’s business.

The Art of Cyberwar: planning.

In the realm of planning, we considered how the “art” is also a source of wisdom for attackers:

Where we intend to fight must not be made known. Force the enemy to prepare against possible attacks from several different points and cause them to spread their defenses in many directions; the numbers we shall have to face at any given moment will be proportionately few.

This re-quote relates to other stratagems where Sun Tzu urges his generals to never underestimate their enemies and to plan for all possibilities. The same goes for cyber attackers. They will pick the easy battles to ensure they have the upper hand. Therefore, as we engage our defense, it is wise to plan our defenses as though we are already targeted and have been breached.

The Art of Cyberwar: knowledge.

Sun Tzu guides us away from making rash emotional decisions by emphasizing the importance of knowledge. He suggested that leaders gain as much knowledge as possible when preparing for battle, but not to limit themselves to the enemy’s strengths and weaknesses.

If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.

This bit of advice is a direct quote and accurately describes how cybersecurity should operate. Businesses must maximize the power of threat intelligence by giving IT teams the means to analyze real-time analytics and transform every scrap of data into actionable insights. IT teams should also be empowered to consider everything that could happen and assess the best course of action before, during and after a breach.

Explore and learn about the Art of Cyber War.

War theorists have long debated how to categorize the preparation for and the execution of military activity. General Carl von Clausewitz stands next to Sun Tzu as one of the best-known and most respected thinkers on the subject. In his book Vom Kriege (On War), published in 1832, Clausewitz observes (to paraphrase) that the preparation for war is scientific, but the conduct of battle is artistic. As a science, we study logistics, technology and other elements depending on need. As an art, we rely on individual talent and grit to exploit opportunities that increase the likelihood of victory. Clausewitz also believed that war belonged to the province of social life, as do all conflicts of great human interest.

Cyberwar also fits these definitions. For instance, consider business activity as a combination of science, art and social life. As businesses compete in the marketplace, they carefully analyze the competition, create ways to appeal to audiences and press for social engagement and interaction. Shouldn’t we apply the same level of attention and resources for our cybersecurity? We think Sun Tzu would rub his beard and nod profoundly.

Cyberattacks for this year already eclipse the full-year totals from 2017, 2018 and 2019, according to the mid-year update to the 2022 SonicWall Cyber Threat Report. And new attack vectors are coming online every day. Without adequate preparation, planning and knowledge, companies and their customers are at a high risk of falling victim to devastating cyberattacks.

Explore and learn about the art and understand the science. Book your seat for MINDHUNTER 11, “The Art of Cyber War,” and learn from experts on how you can keep your company safe in the coming cyberbattles.

Cybersecurity News & Trends

Bringing you curated cybersecurity news and trends from leading news outlets and bloggers that monitor IT security worldwide.

Approaching the year’s close, SonicWall is still surging among news organizations and bloggers. We see numerous mentions of our marketing initiatives, the Cyber Threat Reports and the 2022 SonicWall Threat Mindset Survey.

And it’s also quite a week for cybersecurity news. For our big read, we focus on renewed warnings from CISA about the Log4j2 vulnerability compiled from reports by CISA, MSSP Alert, and Hacker News. Next up, Krebs on Security reports on the Disneyland Team, a financial cybercrime group that spoofs bank brands with a dab of Punycode. According to Dark Reading, thousands of RDS snapshots are getting leaked to the public, possibly exposing personal information. Now we have poisoned Google search results to worry about? Bleeping Computer reveals that threat actors are using a new tactic to boost search results for illicit websites. And finally, as Twitter troubles mount, TechCrunch and NBC News speculate that it may not be safe to use the platform anymore.

Remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Malware, Spyware, and Ransomware: How They Differ and How to Respond

JD Supra, SonicWall News: Data from SonicWall Capture Labs revealed that the first half of 2022 saw an 11% increase in malware attacks compared to 2021, totaling around 2.8 billion attacks globally. Furthermore, over 2022, 35% of respondents have stated that poor preparedness was to blame when they experienced business-disrupting cyberattacks. Therefore, it is essential to take the necessary precautions to secure your device by installing the appropriate malware protection and recognizing the signs of an infected system.

Cybersecurity For Investors – Why Digital Defenses Require Good Governance

Seeking Alpha, SonicWall News: Cyberattacks are very costly. In the first half of 2022, at least 2.8 billion malware attacks were recorded globally, an increase of 11% over the previous 12 months, according to cybersecurity company SonicWall.

Study Shows the Worrying Human Cost of Cyber Attacks

Technology Magazine, SonicWall News: Research by SonicWall recently found there is growing concern regarding cyberattacks. Amongst 66% of organizations surveyed, ransomware leads the distress as 91% of all customers cited it as their biggest concern. Phishing and spear-phishing (76%), as well as encrypted malware (66%), comprised the top three concerns.

Ransomware Is the Biggest Concern for Most Organizations

HelpNetSecurity, SonicWall News: SonicWall released the 2022 SonicWall Threat Mindset Survey which found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

The Four Biggest Security Risks Facing Retailers in The Next Five Years

Retail Week, SonicWall News: Research shows the retail sector has been one of the top targets among cybercriminals, with a surge of more than 200% in ransomware attacks over the past year, according to SonicWall. Many retailers went through a digital transformation during the pandemic to allow customers to switch from in-store to online purchasing, which created more vulnerabilities and avenues for cybercrime.

Weekly Roundup

Channel Pro Network, SonicWall News: The recent 2022 SonicWall Cyber Threat Mindset Survey, including third quarter information, reported that customers saw an average of 1,014 ransomware attempts, a flood even though the total dropped 31% below attempts in 2021. 91% reported they were most concerned about ransomware attacks, a rising source of anxiety for security professionals. Ransomware-as-a-Service offerings make it easy to attack, and perpetrators are increasingly targeting financial firms with cryptojacking attempts, which were up 35% in the quarter. SonicWall’s Real-Time Deep Memory Inspection tools identified 375,756 malware variants never seen before during the first three quarters of 2022.

Latest SonicWall Intelligence Reveals Unstable Cyber Threat Landscape

European Business, SonicWall News: “Being a security professional has never been more difficult,” said SonicWall President and CEO Bob VanKirk. “The cyber warfare battlefront continues to shift, posing dangerous threats to organizations of all sizes. With expanding attack surfaces, growing numbers of threats and the current geo-political landscape, it should be no surprise that even the most seasoned IT professional can feel overwhelmed. Armed with the latest cybersecurity tools, SonicWall partners can play a vital role in helping customers stay secure in even the most dynamic threat environments.”

Report: Ransomware Attacks Trending Down in the United States

Security Today, SonicWall News: SonicWall recently released new threat data through the third quarter of 2022. SonicWall recorded more than 4 billion malware attempts globally while year-to-date ransomware attempts in 2022 have already exceeded full-year totals from four of the last five years. In the recent 2022 SonicWall Cyber Threat Mindset Survey, 91% of organizations reported that they are most concerned about ransomware attacks, indicating a rise of anxiety among security professionals.

Ransomware on the decrease and the ghost of ransom past?

IT Canada, SonicWall News: SonicWall’s 2022 Cyber Threat report was published this week. It claims that ransomware attacks shrunk by 23 per cent on a year-to-date worldwide basis over 2021. That’s good news, perhaps, but to put it in perspective, there were still over 236 million attacks so far in 2022. Moreover, the reduced 2022 number is still larger than the full year totals of 2017, 2018 and 2019.

2022 Cyber Threat Report Details Growing Trends

TechRepublic, SonicWall News: The cyberthreat landscape is constantly evolving, with new attacks developing every day. In their new report, SonicWall explores some of the most dangerous trends that security professionals need to have on their radar.

Economic Strife Fuels Cyber Anxiety

HelpNetSecurity, SonicWall News: The 2022 SonicWall Threat Mindset Survey found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

Industry News

Big Read: Log4j2 – the Threat CISA Doesn’t Want You to Forget

A little over a year ago, everyone was shocked by the Apache Log4j2 vulnerability because it affected any applications that use its extensive logging libraries. Log4j touches most Java applications and has a wide range of configuration options. As a result, an attacker could exploit a system running Log4j2 (or previous iterations) and execute arbitrary code.

This week, the US Cybersecurity and Infrastructure Security Agency (CISA) returned with a new reminder of the trouble Log4j2 vulnerabilities can still cause. In the latest report, the agency lays out details relating to MITRE ATT&CK tactics and techniques with guidance on what IT and security professionals can do to protect their systems.

MSSP Alert issued a report in August about a warning issued by the Microsoft Threat Intelligence Center (MSTIC) and Microsoft 365 Defender Research Team about an Iran-based threat actor calling themselves Mercury (aka “MuddyWater”) and exploiting Log4j 2 vulnerabilities in SysAid applications. MSPs use SysAid for IT service management (ITSM), ticket automation, task automation, asset management and patch management.

As reported in August by Hacker News, Mercury left no stone unturned to exploit unpatched systems running Log4j. They targeted Israeli entities but also other organizations, which gives some indication of the vulnerability’s ‘long tail’ for ongoing and continuing attacks. The attacks were notable for using SysAid Server instances unsecured against the Log4Shell flaw as an approach for access. Prior to this method, threat actors leveraged VMware applications to breach target environments.

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security reports on the Disneyland Team, a financial cybercrime group that spoofs bank brands using Punycode, an internet standard that allows browsers to render domain names with non-Latin alphabets such as Cyrillic. The tactic makes confusing-looking domains appear more legitimate. Click the link to the original report to see the ‘defanged’ version of the actual URLs. As a feature of the tactic, you may see extra dots or other characters in the URL, but they might not register as real input.

According to the report, the gang had been operating numerous Punycode-based phishing domains for much of this year. They’re Russian-speaking and may be based in Russia, but they’re not a phishing gang per se. Rather, this group uses phony bank domains in conjunction with malicious software that is already secretly installed on a victim’s computer.

The group steals money from victims infected with a potent strain of Microsoft Windows-based banking malware known as Gozi 2.0/Ursnif (Gozi). Gozi specializes in collecting credentials and is mainly used for attacks on client-side online banking to facilitate fraudulent bank transfers. Gozi also allows attackers to connect to a bank’s website using the victim’s computer.
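A defender-side check for the lookalike domains described above, as an added example that is not code from Krebs on Security or SonicWall: it decodes `xn--` labels and flags labels that mix scripts or that reduce to a watched brand name once dots, accents and Cyrillic lookalikes are removed. The brand `examplebank`, the `.example` domains and the partial Cyrillic map are constructed assumptions.

```python
"""Flag lookalike (homograph) labels in domain names: constructed example."""
import unicodedata

# Hypothetical brand names a defender wants to protect (assumption, not from the article).
WATCHED_BRANDS = {"examplebank"}

# Small, deliberately incomplete map of Cyrillic letters that render like Latin ones.
# A production check would use the full Unicode confusables data (UTS #39).
CYRILLIC_LOOKALIKES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0456": "i",
}


def to_alabel(unicode_label):
    """Build the ASCII 'xn--' form of one label (used here to construct samples)."""
    if unicode_label.isascii():
        return unicode_label
    return "xn--" + unicode_label.encode("punycode").decode("ascii")


def decode_label(label):
    """Return the Unicode form of one DNS label, or None if the Punycode is invalid."""
    label = label.lower()
    if not label.startswith("xn--"):
        return label
    try:
        return label[4:].encode("ascii").decode("punycode")
    except ValueError:  # UnicodeError is a subclass of ValueError
        return None


def scripts_in(text):
    """Approximate the scripts used by reading the first word of each Unicode name."""
    return {unicodedata.name(ch, "UNKNOWN").split(" ")[0] for ch in text if ch.isalpha()}


def skeleton(text):
    """Reduce a label to the plain ASCII string a reader is likely to perceive."""
    decomposed = unicodedata.normalize("NFKD", text)
    without_marks = "".join(ch for ch in decomposed if not unicodedata.combining(ch))
    return "".join(CYRILLIC_LOOKALIKES.get(ch, ch) for ch in without_marks).lower()


def analyze(domain):
    """Return a list of (decoded_label, reasons) for every suspicious label in domain."""
    findings = []
    for label in domain.rstrip(".").split("."):
        decoded = decode_label(label)
        if decoded is None:
            findings.append((label, ["invalid-punycode"]))
            continue
        if decoded.isascii():
            continue  # plain ASCII label: nothing for this check to flag
        reasons = []
        if len(scripts_in(decoded)) > 1:
            reasons.append("mixed-script")  # e.g. Latin letters plus one Cyrillic letter
        if skeleton(decoded) in WATCHED_BRANDS:
            reasons.append("brand-lookalike")  # reads as a watched brand to a human
        if reasons:
            findings.append((decoded, reasons))
    return findings


if __name__ == "__main__":
    # Constructed sample domains; none of them come from the original report.
    samples = [
        to_alabel("ex\u1ea1mplebank") + ".example",   # Latin 'a' with a dot below
        to_alabel("ex\u0430mplebank") + ".example",   # Cyrillic 'a' among Latin letters
        to_alabel("\u043f\u0440\u0438\u043c\u0435\u0440") + ".example",  # all-Cyrillic word
        "examplebank.example",                         # the genuine ASCII name
    ]
    for domain in samples:
        print(domain, "->", analyze(domain) or "ok")
```

The dot-below case stays within the Latin script, so a mixed-script test alone misses it; the skeleton comparison is what catches it.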

Thousands of Amazon RDS Snapshots Are Leaking Out to the Public

Dark Reading reports that Amazon’s Relational Database Service (RDS) may be a target for hackers. Researchers at Mitiga discovered a way to scan and clone sensitive data from RDS storage volume snapshots. Administrators typically store these image files separately in a database. Hackers could copy the images if the database is shared with others or exposed to the internet. In addition, researchers said that hackers could find the source of the images and threaten to release them if the organization doesn’t pay them. The researchers discovered 2,783 images from around the globe, of which 810 were public. Mitiga suggests that RDS administrators and users take security precautions to encrypt their RDS volume snapshots.

Poisoned Google Search Results?

BleepingComputer reveals that threat actors abuse Google’s Looker Studio (formerly Google Data Studio) to boost search engine rankings for illicit websites that promote spam, torrents, and pirated content. The SEO poisoning attack analyzed by BleepingComputer uses Google’s datastudio.google.com subdomain to lend credibility to malicious domains. BleepingComputer says they came across several pages of Google search results flooded with datastudio.google.com links after a concerned reader reported seeing the erratic behavior. These links, rather than representing a legitimate Google Data Studio project, are minisites that host links to pirated content. For example, one search result sends users looking to “Download Terrifier 2 (2022)” to bit.ly links that redirect them multiple times to land on spammy websites. Additionally, the poisoning campaign uses a keyword stuffing technique, often considered a form of ‘spamdex’ to boost rankings of illicit domains.

Twitter Troubles

TechCrunch reports that cybercriminals quickly capitalized on Twitter’s ongoing verification chaos by sending phishing emails designed to steal the passwords of unwitting users. Soon after the verification chaos ensued, hackers launched a phishing email campaign to lure Twitter users into posting their usernames and passwords on an attacker’s website disguised as a Twitter help form. Additionally, the email was sent from a Gmail account and linked to a Google Doc with another link to a Google Site, which lets users host web content. The fact that they set this up within hours of the launch of Twitter’s new verification program speaks to the hackers’ agility and ability to take advantage of emerging threats.

After a series of layoffs and resignations by critical executives at Twitter, NBC News asked if it is still safe even to use Twitter. Cybersecurity experts they interviewed said that the firings and resignations at Twitter had made the platform more vulnerable to attacks from scammers, organized crime and hostile governments. Others opined that Twitter was quickly becoming a dangerous place for scams and that the theft of personal information added to a growing sense of chaos around the service, which Elon Musk purchased last month for $44 billion.

SonicWall Blog

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection – Matt Brennan

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security – Bret Fitzgerald

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

SonicWall Third-Party Threat Performance: Seven Times Superior – Amber Wolff

Q3 2022 Threat Intelligence Highlights Changing Threat Environment in 2022 – Amber Wolff

Securing Your Credentials: Does Your Password Pass the Test? – Amber Wolff

The Power of Patching: Why Updating Your Software Should Be a Top Priority

Think Before You Click: Spotting and Stopping a Phish – Amber Wolff

National Cybersecurity Awareness Month Spotlights the Role of Individuals in Stopping Attacks – Amber Wolff

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi

SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Cybersecurity and the Metaverse: Virtual and Real Threats – Ray Wyman

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Vote for SonicWall in Computing Security Awards 2022 – Bret Fitzgerald

SonicWall Earns 2022 CRN Annual Report Card (ARC) Honor – Bret Fitzgerald

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference

At the Schoolscape IT 2022 conference, SonicWall highlighted how Boundless Cybersecurity safeguards schools of all sizes against the most advanced threats.

It was my privilege to address esteemed members and stakeholders in the education sector on behalf of main sponsor SonicWall at the recent Schoolscape IT 2022 conference.

An event highlighting how technology can integrate into the classroom of the future, Schoolscape IT 2022 took place in Cape Town and Johannesburg. With more than 120 schools and 250 attendees, it was an opportune moment to talk about cybersecurity and its role in building safer educational institutions for students and teachers alike.

Over the last few years, it has become apparent that countries in the Middle East and Africa are more susceptible to ransomware and network attacks. And that’s no less true for their schools and universities.

In a post-pandemic world that is increasingly online, risk has escalated along with the explosion of exposure points and the growth of remote/mobile workers. Securing this cybersecurity reality can be cost-prohibitive, and the acute shortage of trained personnel doesn’t help any. With resources so constrained, it can be hard to keep up with the challenges of today.

How Boundless Cybersecurity Protects Networks at a Lower TCO

The mid-year update to the 2022 SonicWall Cyber Threat Report noted an 11% increase in global malware, a 77% spike in IoT malware and a 132% rise in encrypted threats over the course of 2021. As attacks become more plentiful, sophisticated and complex, so should solutions. Instead of relying on reactive solutions, SonicWall’s boundless cybersecurity is the need of the hour.

Boundless Cybersecurity provides many features that ensure educational institutions are providing safe education, including:

  • Data-centric security posture
  • Always on, always learning software
  • Secure remote and mobile workforce
  • Aware of current and emerging attack vectors and threat sophistication
  • Protecting against the most evasive threats

How SonicWall Facilitates Secure Learning

Secure learning is essential for the safety of schools and students, whether they are in class or studying remotely. SonicWall offers real-time breach prevention and secure access to resources from anywhere, from any device, at any time, using solutions that deliver protection in the network, in the cloud and at the endpoint.

Later in the event, Ziyad Ashour offered valuable insight into edtech that keeps learners safe. Mr. Ashour, who is the head of ICT for Al Dhafra Private Schools, Abu Dhabi, UAE, talked about how his schools suffered during the pandemic because they were unable to deal with the sudden increase in online traffic and the resulting security threats. He explained how SonicWall was able to provide cybersecurity that safeguarded their school and addressed their specific needs.

SonicWall’s very own Ashley Lawrence (Regional Sales Senior Manager – Sub-Saharan Africa), also spoke at the event, offering a quick intro to the company and the many solutions we provide to our 28,000+ channel partners.

Among the several case studies presented was that of Amanzimtoti High School in South Africa — a stellar example of how a public school can transform its basic, open network into a secure and powerful tool for both students and teachers. The school used the TZ 600 next-generation firewall, which allowed them to create two separate networks, one for students and the other for teachers.

We also presented the success stories of Johannesburg’s McAuley House School and Pridwin Preparatory School, where SonicWall solutions were deployed to prevent ransomware and help increase remote access for staff, respectively.

With the successful completion of the Schoolscape IT conference 2022, we look forward to next year, where we can continue the important conversation of safe and secure education.

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection

Unlock 3 & Free pricing on NSa 2700 or 3700 next-generation firewalls when you bundle a HA firewall and our top-performing security services.

Recent ICSA testing has proven that nothing beats the combination of a NSa Series NGFW and Capture ATP. And to celebrate our latest perfect score, we’re offering you the perfect chance to score major savings on this unstoppable duo, with the return of SonicWall’s ‘3 & Free’ promotion.

For a limited time, when you purchase an NSa 2700 or NSa 3700 High Availability firewall with three years of advanced licensing, you’ll receive the primary unit with stateful license absolutely free.

Why ‘3 & Free’ is the Best Deal of the Season

“The return of our popular 3 & Free promo offers anyone waiting for a good opportunity to upgrade or replace their old firewall a chance to do so at tremendous savings,” said Jason Carter, SonicWall Executive Vice President, Americas Channels & Global Renewals. “You’ll enjoy SonicWall’s industry-leading threat capabilities, simplified management and unprecedented performance. And with the addition of a second unit, you also get the assurance of a reliable, continuous connection, all at no extra cost.”

Taking advantage of the 3 & Free promotion couldn’t be simpler: When a customer purchases an NSa 2700 or NSa 3700 High Availability appliance and three years of Advanced Protection Services Suite, they’ll also get the primary NSa 2700 or NSa 3700 NGFW and a stateful HA Upgrade Service License free.

Best of all, this promotion is for every SonicWall upgrade that qualifies. You don’t have to be a current SonicWall customer to take advantage of the savings: If you make the switch from a competing product, you’ll enjoy the same great deal.

What Sets the NSa 2700 and NSa 3700 Apart

The SonicWall NSa Series is one of the best mid-range firewalls on the market. It offers superior performance to SMBs and branches, and it’s powered by SonicOS7 — which has been redeveloped from the ground up to be more agile, flexible and user-friendly than any of its predecessors.

Not sure which firewall is right for you? Here’s a closer look at the specifics:

In addition to the superior threat protection provided by the NSa Series, with the purchase of three years of SonicWall Advanced Protection Services Suite, you also get access to Capture ATP with RTDMI™ (Real-Time Deep Memory Inspection™).

Capture ATP is a cloud-based, multi-engine sandbox that can detect and block the most advanced threats before they have the chance to infect your network.

Included as part of Capture ATP, our patented RTDMI™ technology leverages proprietary memory inspection, CPU instruction tracking and machine learning capabilities to become increasingly efficient at recognizing and mitigating never-before-seen attacks. This includes attacks that traditional sandboxes will likely miss, such as threats that don’t exhibit any malicious behavior and hide their weaponry via encryption.

How the NSa Series Stacks Up to the Competition

When compared with other firewalls in its class, the NSa Series with Advanced Protection Services Suite repeatedly comes out on top.

For the past seven quarters, SonicWall has submitted a NSa Series NGFW with Capture ATP and RTDMI™ for independent, third-party ICSA testing. And for the past seven consecutive quarters — over 223 days of continuous testing, consisting of 9,071 test runs — SonicWall Capture ATP found all 4,251 malicious samples, the majority of which were four hours old or less. And over this entire stretch, the solution only misidentified a single one of the 4,820 innocuous apps scattered throughout.

SonicWall has now earned more perfect scores — and more back-to-back perfect scores — than any other active vendor, with a streak of 100% threat detection scores going back to January 2021 and 11 total certifications in all.

But since threat detection is only part of the picture, SonicWall occasionally performs more thorough market comparisons to evaluate its position on factors such as total cost of ownership, performance and more.

NSa 2700 Firewall vs. Fortinet FG 100F

SonicWall also commissioned Tolly Group to perform an in-depth comparison of the SonicWall NSa 2700 and the Fortinet FG 100F, both with equivalent security services and configured in HA mode. In this evaluation, SonicWall NSa Series came out on top as well: In its report, Tolly Group noted that the SonicWall solution had a significantly lower 3-year TCO.

When Tolly Group compared the SonicWall NSa 2700 with the Fortinet FG100F, SonicWall had a much lower cost per Gbps of threat protection.

This was due to several factors, chief among them the fact that SonicWall only charges for licensing the primary unit in a High Availability deployment. Given that the SonicWall NSa 2700 offers 3 Gbps to the FG100’s 1 Gbps, the Fortinet solution had a cost per Gbps of traffic protected that was 4.5 times that of the SonicWall solution. (Keep in mind that this value comparison used regular SonicWall pricing: Those taking advantage of the 3 & Free promotion will see even greater savings.)

The report also noted that in NetSecOpen testing, the NSa 2700 had an overall block rate of 99.43%, compared with 93.98% for the Fortinet appliance — yet another confirmation of SonicWall’s superior threat-blocking capabilities.

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security

SonicWall is thrilled to share that CRN has chosen SonicWall’s Network Security Appliance (NSa) 5700 Next Generation Firewall as a winner for the 2022 CRN Tech Innovator Awards in the Security – Enterprise Network Security category.

This annual award program celebrates innovative vendors in the IT channel across 38 different technology categories, in critical business areas ranging from cloud to storage to networking to security. The selection process for this year’s winners was overseen by a panel of CRN editors and is based on a review of hundreds of vendor products using multiple criteria. These include key capabilities, uniqueness, technological ingenuity, and best fit with customer and solution provider needs.

“The growing volume of ransomware attacks has the enterprise moving quickly to evaluate their mitigation capabilities and strengthen their security postures,” said SonicWall CEO and President Bob VanKirk. “We consistently see high-profile, highly publicized cyber-attacks. SonicWall is there to help deliver solutions that are cost-effective with high security efficacy for organizations both large and small. We’re grateful to be recognized by CRN as offering the best Enterprise Network Security solution available.”

SonicWall Generation 7 Network Security Appliance next-generation firewalls offer enterprise-leading performance at the lowest total cost of ownership. With comprehensive security features such as intrusion prevention, VPN, application control, malware analysis, URL filtering, DNS Security, Geo-IP and Bot-net services, they protect the perimeter from advanced threats without becoming a bottleneck. The Gen 7 NSa Series has been built from the ground up with the latest hardware components, all designed to deliver multi-gigabit threat prevention throughput – even for encrypted traffic.

“Our CRN Tech Innovator Awards recognize those technology vendors that are making the biggest impacts in digital transformation for solutions providers with unique, cutting-edge products and services,” said Blaine Raddon, CEO of The Channel Company. “It is my pleasure to congratulate each and every one of our 2022 CRN Tech Innovator Award winners. We’re delighted to recognize these best-in-class vendors that are driving transformation and innovation in the IT space.”

The Tech Innovator Awards will be featured in the December issue of CRN and can be viewed online at crn.com/techinnovators.

Cybersecurity News & Trends

Every week SonicWall collects the most compelling, trending and important interviews, media and news stories affecting your cybersecurity — just for you.

We start with SonicWall’s surging attention from industry news. There were a lot of mentions of our Cyber Threat Reports and the 2022 SonicWall Threat Mindset Survey. Financial Times was among them, and we included that one for Industry News.

It’s the end of the year and publications have started their “Top Trends for 2023” cycle. This first harvest is our big read and includes predictions from Forbes and ZDNet. We will revisit this topic as more publications release their editorial perspectives. Then the Financial Times asks the very reasonable question when companies face ransomware: is there a case for paying up? This report includes analysis and data from SonicWall’s mid-year 2022 Cyber Threat Report. Next, Bleeping Computer reports that hackers are selling access to 576 corporate networks for $4 million. And finally, a ‘Knock Knock’ joke that nobody is laughing about, from Dark Reading.

Remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Study shows the worrying human cost of cyber attacks

Technology Magazine, SonicWall News: Research by SonicWall recently found there is growing concern regarding cyberattacks. Amongst 66% of organizations surveyed, ransomware leads the distress, as 91% of all customers cited it as their biggest concern. Phishing and spear-phishing (76%), as well as encrypted malware (66%), comprised the top three concerns.

Ransomware is the biggest concern for most organizations

HelpNetSecurity, SonicWall News: SonicWall released the 2022 SonicWall Threat Mindset Survey which found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

The four biggest security risks facing retailers in the next five years

Retail Week, SonicWall News: Research shows the retail sector has been one of the top targets among cybercriminals, with a surge of more than 200% in ransomware attacks over the past year, according to SonicWall. Many retailers went through a digital transformation during the pandemic to allow customers to switch from in-store to online purchasing, which created more vulnerabilities and avenues for cybercrime.

Weekly Roundup

Channel Pro Network, SonicWall News: The recent 2022 SonicWall Cyber Threat Mindset Survey, including third quarter information, reported that customers saw an average of 1,014 ransomware attempts, a flood even though the total dropped 31% below attempts in 2021. 91% reported they were most concerned about ransomware attacks, a rising source of anxiety for security professionals. Ransomware-as-a-Service offerings make it easy to attack, and perpetrators are increasingly targeting financial firms with cryptojacking attempts, which were up 35% in the quarter. SonicWall’s Real-Time Deep Memory Inspection tools identified 375,756 malware variants never seen before during the first three quarters of 2022.

Latest SonicWall Intelligence Reveals Unstable Cyber Threat Landscape

European Business, SonicWall News: “Being a security professional has never been more difficult,” said SonicWall President and CEO Bob VanKirk. “The cyber warfare battlefront continues to shift, posing dangerous threats to organizations of all sizes. With expanding attack surfaces, growing numbers of threats and the current geo-political landscape, it should be no surprise that even the most seasoned IT professional can feel overwhelmed. Armed with the latest cybersecurity tools, SonicWall partners can play a vital role in helping customers stay secure in even the most dynamic threat environments.”

Report: Ransomware Attacks Trending Down in the United States

Security Today, SonicWall News: SonicWall recently released new threat data through the third quarter of 2022. SonicWall recorded more than 4 billion malware attempts globally while year-to-date ransomware attempts in 2022 have already exceeded full-year totals from four of the last five years. In the recent 2022 SonicWall Cyber Threat Mindset Survey, 91% of organizations reported that they are most concerned about ransomware attacks, indicating a rise of anxiety among security professionals.

Ransomware on the decrease and the ghost of ransom past?

IT Canada, SonicWall News: SonicWall’s 2022 Cyber Threat report was published this week. It claims that ransomware attacks shrunk by 23 per cent on a year-to-date worldwide basis over 2021. That’s good news, perhaps, but to put it in perspective, there were still over 236 million attacks so far in 2022. Moreover, the reduced 2022 number is still larger than the full year totals of 2017, 2018 and 2019.

2022 Cyber Threat Report Details Growing Trends

TechRepublic, SonicWall News: The cyberthreat landscape is constantly evolving, with new attacks developing every day. In their new report, SonicWall explores some of the most dangerous trends that security professionals need to have on their radar.

Economic Strife Fuels Cyber Anxiety

HelpNetSecurity, SonicWall News: The 2022 SonicWall Threat Mindset Survey found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

Ransomware In the US Is Down 51% Compared To 2021

Security Magazine, SonicWall News: There were more than 4 billion malware attempts globally in Q3, while year-to-date ransomware attempts in 2022 have already exceeded full-year totals from four of the last five years. However, ransomware levels in the United States are trending down, with a decrease of 51% of ransomware attack volume compared to 2021 levels.

Ransomware Attacks Are Down This Year – But That’s Not Really a Great Thing

TechRadarPro, SonicWall News: Despite it never being easier to launch a ransomware attack, the number of such incidents has actually dropped year-on-year, a new report from cybersecurity company SonicWall has claimed. The company’s latest threat intelligence paper, covering Q3 2022, says that in the US alone, the number of ransomware attacks was cut in half (-51%). However, other parts of the world came into focus, with attacks rising by 20% in the UK, 38% in the EMEA region, and 56% in APJ, compared to the same timeframe, last year.

Hackers Increasingly Targeting IoT Devices

TechMonitor, SonicWall News: In the last quarter of this year there has been a 98% rise in malware detected targeting IoT (internet of things) devices, according to a new report by threat intelligence agency SonicWall. It comes as the number of never-before-seen malware variants also spiked, rising by 22% year-on-year.

Industry News

Big Read: The Top Cybersecurity Trends for 2023

The last several years have been especially hard for cybersecurity, so much so that board room meetings are now the setting for detailed threat reports and network security assessments. Of course they are: losses from attacks, from regulatory penalties to practical marketing, have increased dramatically. So, we thought we’d start looking at what the industry is thinking about for 2023.

Forbes gives us a tidy list of considerations for 2023. They predict more significant impacts from IoT devices and cloud security, ongoing and shifting work-from-home cybersecurity priorities, growing state-sponsored attacks, AI in cybersecurity, and the mechanics of building a security-aware culture.

ZDNet looked at the same topic and landed on a few notable trends: the continuing shortage of cybersecurity-ready workers and more significant threats to the supply chain, notably from industrial espionage. ZDNet also added to our worry list vulnerability from Web3, specifically blockchain, cryptocurrency and token-based economics. ZDNet concludes that today’s security problems are still to be fixed, and evolving technologies mean there will be new challenges.

Ransomware Attacks: Is There a Case for Paying Up?

Ransoms are not new to crime. Nor is the question of whether to pay or not. But it’s a genuine and rational consideration for companies facing ransomware attacks. Imagine watching your data and network locked down, employees idle, and hackers taunting you while demanding payment in exchange for the encryption key. Ransoms exploded in 2020-2021 after work-from-home made everyone more susceptible to attacks and hacks.

The Financial Times observes that the tide appears to be turning from the recorded onslaught. In its mid-year 2022 Cyber Threat Report, SonicWall identified a 23% drop in ransomware attempts. And the downtrend is partially attributed to the increase in organizations willing to pay cybercriminals.

According to SonicWall, some victims have become more reluctant to pay due to growing awareness that many ransomware criminals are linked to Russia. Targets could therefore risk violating sanctions — and incurring civil penalties — if they sent them money. Then again, some victims may be worried that the money could fund the Russian government’s actions and object to paying a ransom on ethical grounds.

Selling Access to 576 Corporate Networks for $4 Million

Bleeping Computer covers a new report showing that hackers are selling access to 576 corporate networks worldwide for a cumulative sales price of $4,000,000, fueling attacks on the enterprise. The research comes from Israeli cyber-intelligence firm KELA, which published its Q3 2022 ransomware report, reflecting stable activity in the sector of initial access sales but a steep rise in the value of the offerings. The report describes the role of Initial Access Brokers (IABs) in selling access to corporate networks obtained through stolen credentials, webshells or exploited vulnerabilities in publicly available hardware. Once they have gained access to the network, the threat agents sell that access to other hackers who harvest data, run ransomware, and conduct other malicious activities. This is proof that access is now a growing hacker commodity with appreciating market value.

China is Likely Stockpiling and Deploying Vulnerabilities

The Register notes that increased espionage and cyberattacks are linked to a new law that requires network and device vulnerabilities to be reported to Beijing. Microsoft has asserted that China’s offensive cyber capabilities have improved thanks to a rule that has allowed Beijing to create an arsenal of unreported software vulnerabilities. China’s 2021 law required organizations to report security vulnerabilities to local authorities before disclosing them to any other entity. The rules mean Beijing can use local research to hoard information on vulnerabilities and pick and choose their attack.

The ‘Knock, Knock’ Joke that Isn’t

Sounds like the opening to a joke, but it isn’t. Dark Reading reports that an Aiphone bug literally allows cyberattackers to open physical doors. The issue was narrowed down to a vulnerability in a series of popular digital door-entry systems offered by Aiphone. The vulnerability enables hackers to breach the entry systems simply by using a mobile device armed with near-field communication. According to the report, the devices in question (GT-DMB-N, GT-DMB-LVN, and GT-DB-VN) are used by high-profile customers, including the White House and the United Kingdom’s Houses of Parliament.

The vulnerability was discovered by a researcher with the Norwegian security firm Promon, who also found no limit to the number of times someone can enter an incorrect password on some Aiphone door-lock systems.

In case you missed…

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security – Bret Fitzgerald

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

SonicWall Third-Party Threat Performance: Seven Times Superior – Amber Wolff

Q3 2022 Threat Intelligence Highlights Changing Threat Environment in 2022 – Amber Wolff

Securing Your Credentials: Does Your Password Pass the Test? – Amber Wolff

The Power of Patching: Why Updating Your Software Should Be a Top Priority

Think Before You Click: Spotting and Stopping a Phish – Amber Wolff

National Cybersecurity Awareness Month Spotlights the Role of Individuals in Stopping Attacks – Amber Wolff

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi

SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Cybersecurity and the Metaverse: Virtual and Real Threats – Ray Wyman

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Vote for SonicWall in Computing Security Awards 2022 – Bret Fitzgerald

SonicWall Earns 2022 CRN Annual Report Card (ARC) Honor – Bret Fitzgerald

SonicWall Capture ATP Earns 100% ICSA Threat Detection Rating for Sixth Straight Quarter – Amber Wolff

Ten Cybersecurity Books for Your Late Summer Reading List – Amber Wolff

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022

MILPITAS, Calif. — OCT. 25, 2022 — SonicWall announced today that CRN, a brand of The Channel Company, has named it to its 2022 Edge Computing 100 list in the security category. The annual list honors the trailblazing vendors leading the channel with next-generation technology that is helping to build intelligent edge solutions for Edge Hardware, Software and Services; IoT and 5G Edge Services; and Security.

“SonicWall prides itself on providing innovative security solutions that supply its channel partners with next-generation edge technologies that allow businesses to capture, process, and use data in more intelligent ways,” said SonicWall VP of Products Jayant Thakre. “This acknowledgment by CRN is an indicator of SonicWall’s unwavering commitment to the channel and delivering efficient and reliable security solutions for our customers.”

Now more than ever, we have grown to understand the importance of adapting quickly to market conditions, changes, and trends. The rise of the intelligent edge is making that easier, delivering solutions that move data collection and processing closer to where it’s needed the most — users. Extracting the value of data is a key differentiator for every business today. As more employees move to hybrid or remote work, the need for elevating and securing the edge is critical. The vendors highlighted on this year’s Edge Computing 100 list encompass the dedication and commitment to constantly improving the technology to provide utmost security and precision technology to the channel.

Having an intelligent edge wrapped in security tools and channel services is key to a successful edge deployment, and SonicWall’s cloud-native management and analytics transform threat data into defensive actions to mitigate hidden risks across networks, applications, and users. Its virtual offerings and cloud services are paired with on-premises deployments to solve security issues for SMBs, enterprises and governments.

“CRN’s 2022 Edge Computing 100 list is an exciting opportunity for CRN to recognize innovative vendors that are delivering the technology enterprises need to build unique, intelligent edge solutions,” said Blaine Raddon, CEO of The Channel Company. “These contributors empower channel partners to work smarter and extract the most value from their data. We want to celebrate their impact on the IT channel and the incredible progress we are able to make because of them. Congratulations to all those recognized on this year’s list!”

The categories recognized in this list include Edge Hardware, Software and Services; IoT and 5G Edge Services; and Security.

Companies named to the Edge Computing 100 list are judged on a number of criteria, including the company’s impact on the market, its overall influence on the channel, and the types of technologies and services it makes available to partners to help them build state-of-the-art edge solutions.

A New Era of Partnering to Win

SonicWall Partners are at the core of our success. We’re continually improving products, services, support, and brand awareness.

After a couple of months now as President and CEO of SonicWall, I’ve had a chance to begin focusing on the core objectives that will continue to drive the company going forward. A primary focus of mine will be staying better aligned with you, our trusted partners. To that end, I’d like to offer the first of many updates on how we’re doing as a company, what to expect in the future, and how we’re tracking on goals we’ve set for ourselves.

Where We Are and Where We’re Going

SonicWall is in the midst of historic growth: We’ve experienced five consecutive quarters of double-digit growth, with both top- and bottom-line performance at or near historic highs.

At the core of our successes are the key contributions from our partner community. We’re seeing strong bid performance globally, with record levels of Deal Registration Create, Deal Registration Close, In-Quarter Create and In-Quarter Close. We’re unbelievably thankful for your incredible performance and continued dedication.

We continue to see growth in the SMB market, which aligns to our strategy of building on our leadership there. We’re also continuing our expansion into the enterprise market, with strong growth in 2022. Much of this increase is due to the tremendous success of our enterprise-class NSsp next-generation firewall. We’re now coming off our highest-performing quarter of all time for our NSsp firewalls.

The growth of NSsp and other offerings has been bolstered by the strength of SonicWall’s supply chain. In 2020, long before any wide-scale supply-chain disruption had occurred, SonicWall had begun modifying its products, revisiting internal processes and changing the way we work with suppliers.

This has allowed us to have product in stock when others didn’t. In partnership with you, last year alone we collectively drove a 33% increase in the number of new customers and a 45% increase in sales — all while fulfilling 95% of all orders within just three days.

Getting ahead of supply-chain disruption has also allowed us to realize supply chain and shipping cost advantages, which in turn has enabled us to continue to offer industry-leading TCO. While SonicWall has long focused on providing the best products at the best value, during this time of economic uncertainty, this has become an even greater differentiator.

Prior to 2020, SonicWall had already begun looking toward a future built around widespread remote work. Since then, we’ve been developing, refining and expanding our cloud product offerings, including our Cloud Edge Secure Access solution, our NSv virtual firewall and more. And our focus in this area is paying off, with SonicWall’s cloud evolution achieving 36% growth in 2022.

The drivers of SonicWall’s long-term plan include maintaining our sizeable SMB base, steadfast growth in the enterprise space, and continued expansion into next-generation cloud security. And these strategies will be underpinned by ongoing innovation as we continue to build on our Boundless Cybersecurity architecture.

How We’re Continually Improving Customer and Partner Support

During this time, we’ll continue to focus on growing our MSSP program. In early 2023, we’ll introduce an updated MSSP portal, which will provide greater value for our MSSP partners. We’re also increasing our MSSP product offerings: stay tuned as we lean even further into that area and ensure that every product is aligned to our MSSPs.

Over the past couple years, you’ve emphasized the importance of customer and technical support. We’ve already begun making strides toward greater alignment in this area, both through our web support presence and through our one-on-one support.

We’ve continued to grow and refine our knowledgebase and self-service options. As of this writing, our self-service score is 19-1. In other words, for every 19 inquiries, only one turns into a phone call — the other 18 are sufficiently addressed via the knowledgebase and other online tools. (For context, 13-1 is viewed as best in class.)

As you know, this is a journey and not a destination, and we’ll continue to do our best here. In fact, some of our efforts to improve the user experience for web-based support are already bearing fruit. In August, the Association of Support Professionals (ASP) awarded SonicWall a special award for Best Search on a Support Website, the first time such an award had ever been given.

ASP's annual Best Support Website, awarded to SonicWall in 2022 for our work with our partners.

But because not all support tasks can be handled through online inquiry, we’ve also been investing heavily in our support call center. We aren’t just focused on adding more support resources, however — we’re also focused on supporting more partners and customers, which is key as we grow and expand. Among our support initiatives is the addition of local language support wherever possible, greatly increasing the breadth of our support program.

How We’re Building Brand Awareness

Not all support is after the sale, however — we’re aware that we can make your jobs easier by ensuring end users recognize SonicWall and our partners as thought leaders in the cybersecurity space. In July, we released the mid-year update to our 2022 SonicWall Cyber Threat Report. This report continues to set records, not only in number of downloads, but also in terms of media coverage and mentions in major articles and news stories.

The Threat Report also serves as a vehicle to highlight SonicWall’s threat performance, particularly our patented Real-Time Deep Memory Inspection (RTDMI™). Through the end of Q3 2022, this technology had discovered 373,756 new malware variants — a 22% year-to-date increase, and an average of 1,374 new variants per day.

These capabilities have also been validated by third-party testing — not just once, but seven times in a row. For the past seven consecutive quarters, ICSA Labs has evaluated a SonicWall NSa 3600 equipped with Capture ATP with RTDMI. And in every test cycle, the solution identified 100% of new and little-known threats, some only hours old.

SonicWall is currently the only participating vendor to achieve seven straight 100% threat detection scores, and we’ve now had seven consecutive quarters with the highest overall score among all participants.

Our Partners Are at the Core

But no matter how strong our portfolio is, at SonicWall we know we’re only as strong as our partner community. That’s why we’re working toward increased partner communication and collaboration on every front.

We’ll continue to focus on expanding our technical tracks, as well as our SonicWall University offerings, which have been incredibly successful. We’ve found that partners who take just three hours of SonicWall U training on topics such as Gen 7 have seen an eight- to nine-times improvement in their top line.

But for those who may not have a chance to complete a full training module right away, we’re introducing a new series of 15-minute videos that will serve as a supplement to our SonicWall U training. These videos will provide a bite-sized look at a particular topic and can be shared across your team and with customers. In our GTM revamp of the SonicWall sales team four years ago, we moved to weekly mandatory training for the entire team — something even I continue to do — every week.

With the COVID-19 pandemic easing a bit in many places, we’ll be ramping up our in-person training and will continue reintroducing our regional roadshows. Our Sales Enablement team members have begun meeting partners and customers in person where appropriate, as well.

But as our Sales Enablement team hits the road, we recognize they may be unavailable while they’re in transit or with customers. To maintain a Sales Enablement presence that’s consistently available, we’ve begun investing in virtual SES. These team members are equipped with a variety of tools and will be available during working hours in case you need a quick response.

We’re also in the process of revamping our SonicWall Secure First Partner Program. We’ll be spending a considerable amount of time, effort and investment into improving this program from a partner standpoint, to offer high-quality training and to reward the commitment partners are making in SonicWall.

Like so many of our other initiatives, this one is built around acknowledging the work that our partners put in and continuing to learn how we can better align and better understand your needs and pain points.

Going forward, my key priority is ensuring we’re listening across the company to our partners — getting your input and soliciting your opinion to shape our initiatives and offerings, as opposed to just providing updates. We’ve always strived to be a partner-centric company, but we want to continue to grow in how we can better support and enable our partners across every function and team.