Cybersecurity News & Trends for December 2, 2022

Each week SonicWall curates the cybersecurity industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall is on a roll with cyber news reporters and bloggers. Check out the line-up, and you’ll see a steady pace of SonicWall in the news with our marketing initiatives, the Cyber Threat Reports and the 2022 SonicWall Threat Mindset Survey.

Speaking of steady paces, the news from the industry hasn’t slowed either. Dark Reading reports that the cybersecurity forecast for 2023 is more disruption. Security Magazine reports on the realization that hackers are getting behind the psychological effect of their attacks. Krebs on Security explains how ConnectWise quietly patched a flow that helped phishers. According to Hacker News, hackers sign android malware apps with compromised platform certificates. The Record reports that several major car brands have begun fixing vulnerabilities that would have allowed hackers to remotely control the locks, engine, horn, headlights, and trunk of certain cars made after 2012. SC Magazine tells us that most US defense contractors fail basic cybersecurity requirements. And finally, Dark Reading offers details on how CISA’s strategic plan is ushering in a new era for cybersecurity.

Remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Chartered Status and Aligned Standards Are Crucial For The UK’s Cyber Sector

Computer Weekly, SonicWall News: SonicWall’s 2022 Cyber threat report states that ransomware incidents on governments across the globe increased by 1,885% last year, with the healthcare industry alone suffering a 755% increase.

Benefits Of VPN For Small Businesses

GIS User, SonicWall News: We recommend using a reliable VPN service that uses military-grade encryption, such as SonicWall VPN. It has a wide range of features and is very affordable. It is important to note that not all VPN services are created equal, so it is essential to do your research before choosing one.

Cyber Predictions for 2023

Cyber Magazine, SonicWall News: We can expect smaller scale attacks, for lower amounts of money, but which target a much broader base. The trend will probably hit education providers hard: education is already the sector most likely to be targeted by a malware, cryptojacking or encrypted attack, according to SonicWall’s 2022 Cyber Threat Report.

7 Steps to Future-Proof Your MSP Business and Stay Relevant

G2, SonicWall News: In 2021, SonicWall recorded 623.2 million ransomware attempts globally, an increase of 105% year-over-year. Just ransomware attacks.

Firewall Cybersecurity Providers You Should Know

Channel Futures, SonicWall News: Montenegro said SonicWall is a top NGFW provider. In March, SonicWall announced that 2021 was its best year on record. Propelled by the delivery of high-demand products, including the evolution of its Generation 7 NGFWs and a focus on its customers, SonicWall delivered record levels of sales and profitability in 2021.

How Remote Working Impacts Security Incident Reporting

CSO Online, SonicWall News: System- and endpoint-based security incident reporting and response can be negatively impacted by remote working too, says Immanuel Chavoya, emerging threat detection expert at SonicWall. “For instance, if the system flagged a user’s machine for a malware intrusion, there may be some delay in the security team being able to make any necessary updates, whereas, in person, the security engineer can immediately access the device and take any necessary action.”

Malware, Spyware, and Ransomware: How They Differ and How to Respond

JD Supra, SonicWall News: Data from SonicWall Capture Labs revealed that the first half of 2022 saw an 11% increase in malware attacks compared to 2021, totaling around 2.8 billion attacks globally. Furthermore, over 2022, 35% of respondents have stated that poor preparedness was to blame when they experienced business-disrupting cyberattacks. Therefore, it is essential to take the necessary precautions to secure your device by installing the appropriate malware protection and recognizing the signs of an infected system.

Cybersecurity For Investors – Why Digital Defenses Require Good Governance

Seeking Alpha, SonicWall News: Cyberattacks are very costly. In the first half of 2022, at least 2.8 billion malware attacks were recorded globally, an increase of 11% over the previous 12 months, according to cybersecurity company SonicWall.

Study Shows the Worrying Human Cost of Cyber Attacks

Technology Magazine, SonicWall News: Research by SonicWall recently found there is growing concern regarding cyberattacks. Amongst 66% of organizations surveyed; ransomware leads the distress as 91% of all customers cited it as their biggest concern. Phishing and spear-phishing (76%), as well as encrypted malware (66%), comprised the top three concerns.

Ransomware Is the Biggest Concern for Most Organizations

HelpNetSecurity, SonicWall News: SonicWall released the 2022 SonicWall Threat Mindset Survey which found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

The Four Biggest Security Risks Facing Retailers in The Next Five Years

Retail Week, SonicWall News: Research shows the retail sector has been one of the top targets among cybercriminals, with a surge of more than 200% in ransomware attacks over the past year, according to SonicWall. Many retailers went through a digital transformation during the pandemic to allow customers to switch from in-store to online purchasing, which created more vulnerabilities and avenues for cybercrime.

Weekly Roundup

Channel Pro Network, SonicWall News: The recent 2022 SonicWall Cyber Threat Mindset Survey, including third quarter information, reported that customers saw an average of 1,014 ransomware attempts, a flood even though the total dropped 31% below attempts in 2021. 91% reported they were most concerned about ransomware attacks, a rising source of anxiety for security professionals. Ransomware-as-a-Service offerings make it easy to attack, and perpetrators are increasingly targeting financial firms with cryptojacking attempts, which were up 35% in the quarter. SonicWall’s Real-Time Deep Memory Inspection tools identified 375,756 malware variants never seen before during the first three quarters of 2022.

Latest SonicWall Intelligence Reveals Unstable Cyber Threat Landscape

European Business, SonicWall News: Being a security professional has never been more difficult,” said SonicWall President and CEO Bob VanKirk. “The cyber warfare battlefront continues to shift, posing dangerous threats to organizations of all sizes. With expanding attack surfaces, growing numbers of threats and the current geo-political landscape, it should be no surprise that even the most seasoned IT professional can feel overwhelmed. Armed with the latest cybersecurity tools, SonicWall partners can play a vital role in helping customers stay secure in even the most dynamic threat environments.”

Industry News

Cybersecurity Forecast: More Disruption

SonicWall reported an 11% increase in malware attacks in the first half of 2022 compared to 2021. This equates to around 2.8 billion global attacks. This report by Dark Reading predicts that 2023 will witness more of the same. Cyberattacks highlight one of the changes in advanced persistent threat attacks (APTs) in the last year. In 2022, geopolitical tensions escalated, and cyber operations entered the fray as a tactical tool. Experts say that while Russia and other countries have used cyberattacks to support military operations, the current war is the longest-running cyber operation and will continue to do so.

The Microsoft Threat Intelligence Centre reports that military conflict will become a driving force behind APT group formations in the next year.

The Psychological Warfare of Ransomware Attacks

Sun Tzu correctly stated that military leaders should choose easy battles they know they can win. In a report from Security Magazine, cyberwar experts talk about how hackers know their capabilities and keep improving their techniques to pull off sophisticated attacks with little brute force. IBM data shows that ransomware has been the most common form of attack over three years and accounted for 21% of all attacks. Not only are businesses with large pockets targeted, but so are other organizations. Hackers also target less well-known victims.

The Los Angeles School District, one of the largest in the country, recently fell victim to a ransomware attack. Following the attack, US law enforcement warned Americans school districts could see a rise in attacks due to the sensitive nature of student data.

Hackers understand how to weaponize attacks. They know that few people will shed tears when corporate entities are the victim. By targeting delicate information about a loved one, people are more easily coerced. Simply put, hackers are waging psychological warfare to get the money they seek, and technology alone isn’t enough to stop them from accomplishing their end goal.

ConnectWise Patches a Flaw That Helped Phishers

ConnectWise offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs). According to Krebs on Security, the vendor is warning of a sophisticated phishing attack that could allow attackers to take remote control of user systems if recipients click the link. This warning comes weeks after the company patched a vulnerability that made it easier for hackers to launch these attacks. According to a researcher, the ConnectWise client executable files are generated using client-controlled parameters. An attacker could create a ConnectWise client download link to bounce or proxy remote connections from MSP’s servers to a server the attacker controls.

Hackers Sign Android Malware Apps with Compromised Platform Certificates

Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be linked to malicious apps. According to The Hacker News, researchers discovered that Android apps run with a highly-privileged user ID – android.uid.system. This user ID has system permissions, including access to user data. A rogue app can be signed with the same certificate to gain access to all the privileges of the Android operating system. This allows it to steal sensitive information from any compromised device. The platform certificate is used to sign an application with system images.

Big Bugs Under the Hood

Several major car brands have begun fixing vulnerabilities that would have allowed hackers to remotely control the locks, engine, horn, headlights, and trunk of certain cars made after 2012, according to report from The Record.

In some cases, an attacker may scan the vehicle’s VIN number to compromise the apps. VINs are easily found through the windshield on a dashboard. As a result, Hyundai has updated its app. Sirius, which offers wireless broadcasting services to car owners, also updated its mobile application.

Although the vulnerability has been fixed, the root issue is an access control vulnerability that affects the app’s user accounts. If you had their email address, you could log in to any account and remotely locate their vehicle. Security experts stated that attacks could literally happen “from anywhere.”

Most US Defense Contractors Fail Basic Cybersecurity Requirements

According to SC Magazine, nearly nine out of ten US defense contractors fail to meet basic cybersecurity minimums, according to research commissioned by CyberSheath. According to the research, 13% of the 300 US-based Department of Defense contractors scored 70 or higher in the Supplier Performance Risk System. This is the primary system used by the Department of Defense to assess supplier and product risk. Contractors who work with unclassified information are not subject to this score. A score of 110 is required to comply with the Defense Federal Acquisition Regulation Supplement (DFARS).

CISA’s Strategic Plan Is Ushering in a New Cybersecurity Era

Today’s cyber environment requires less emphasis on detection and perimeter defenses and more focus on bolstering security with resilience, according to a report from Dark Reading. The federal government once again indicated that the traditional cybersecurity approach, based on perimeter defenses and prevention, is failing. In the last two years, ransomware has been used to attack 76% of organizations, while 66% were affected by at least one supply chain attack. The Cybersecurity and Infrastructure Security Agency (CISA) is now the latest federal entity to overhaul cybersecurity best practices. This underscores the need for drastic changes to withstand today’s dynamic threat landscape.