Cybersecurity News & Trends for January 6, 2023

Every week SonicWall collects the most compelling, trending and important interviews, media and news stories affecting your cybersecurity — just for you.

Happy New Year! While everyone was enjoying the holidays, SonicWall kept going with global industry news about the partner program, more mentions for the Threat Reports, and expert commentary by SonicWall executives.

Cybersecurity didn’t take a break either. Health Care IT News and Toronto City News surprised everyone with a report about the LockBit ransomware gang apologizing for hacking a children’s hospital. Forbes and Wired Magazine reported on the sale of Twitter user data. Bleeping Computer discovered that Amazon S3 is now encrypting all new data using AES-256 – by default! SC Magazine reports on a JAMA study that shows healthcare disruptions from ransomware attacks are probably underreported. And Dark Reading has released its BOLD Cybersecurity predictions for 2023. We only dared to mention two of the “scary” ones.

Remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Goodbye 2022, Hello 2023: Experts Weigh in With Channel Expectations

MicroScope, SonicWall News: “Matt Brennan, vice-president of North America channel sales at SonicWall, believes the effects of supply chain disruption will continue to have an impact on 2023: “Supply chain challenges have wreaked havoc across most industries around the world. IT has been affected across the board. Because of these challenges, brand loyalty will fade. [Customers] won’t hesitate to make purchases they can get now rather than wait for a specific brand product later – fulfilment is critical, regardless of how long customers have been brand loyal.” Brennan adds that this will lead to a shift in the market as customers learn that “staying brand loyal is not necessary to run their businesses successfully”.

Tips for Health Systems on Managing Legacy Systems to Strengthen Security

HealthTech, SonicWall News: A lack of support from the manufacturer generally means a lack of security patches. As a result, devices running a legacy OS are easy targets for attackers — in fact, malware attacks on internet-connected devices spiked 123 percent in the first half of 2022, according to research from SonicWall.

Cybersecurity for Investors: Why Digital Defenses Require Good Governance

Yahoo! Finance, SonicWall News: Cyberattacks are very costly. In the first half of 2022, at least 2.8 billion malware attacks were recorded globally, an increase of 11% over the previous 12 months, according to cybersecurity company SonicWall.

Remote Monitoring, AI Research and Data at Risk: Healthcare Tech Predictions For 2023

BetaNews, SonicWall News: Healthcare could come under threat from geopolitical attacks believes Immanuel Chavoya, threat detection and response strategist at SonicWall. “When it comes to protecting against threats of geopolitically motivated attacks, the present call to action is to be proactive, rather than reactive, to an assault. Attacks such as targeted malware or vulnerability exploitation could be used to inflict chaos on critical infrastructure such as healthcare, electric utilities, financial institutions, and oil and gas. These attacks tie up resources, cause financial damage, and send a signal. In 2023, organizations and governments will need to be prepared by ensuring that they don’t have any issues that could become low-hanging fruit for attacks and closely monitor their network activity for quick identification of and reaction to any attack.

Future Tech Role of Partners

CRN (India), SonicWall News: Security threats are becoming increasingly sophisticated, and organizations are looking for proactive ways to secure their IT environments. Whether their environment is in the Cloud, on-premises or a hybrid, organizations look to managed security services providers (MSSPs) to provide the best-in-class security to protect their business and mitigate future risk.

SonicWall CEO: Partner Program Revamp on Tap for Early 2023

CRN, SonicWall News: As other vendors are increasing their prices, we’re actually doing the opposite,” he said. If a customer and a partner commit to buying three years of services—services that go with our solutions—what they end up getting is the firewall hardware at no charge. That translates to a double-digit price decrease savings.

Guardian Hit by Suspected Ransomware Attack

The Financial Times, SonicWall News: But the number of attacks has fallen by almost a quarter in the first half of this year, according to US security company SonicWall, partly because more organizations have refused to pay cyber criminals.

The Non-Stop Journey Towards ‘Zero Trust’

Canales Sectoriales (Spain), SonicWall News: According to Sergio Martínez, Country Manager of SonicWall, currently, only 11% of companies consider that they have sufficient internal computer capacity to deal with any cyberattack. It is estimated that more than 50% of companies that suffer a major cyberattack take more than five hours to detect it and, a significant number of them live with it for a few weeks or months.

Ways Governments Can Better Protect Public Data

Cyber Security Intelligence, SonicWall News: The chances of being hit by a ransomware attack are more significant than ever. Last year, global ransomware volume skyrocketed by 105% year over year, according to the 2022 SonicWall Cyber Threat Report. While no industry was spared, the numbers were particularly gruesome for governments. Ransomware attempts on government entities rose a staggering 1,885%. That’s more than double the increase reported by healthcare (755%), education (152%), and retail (21%) combined.

Risks That Could Impact Retail In 2023

BizCommunity, SonicWall News: Figures from SonicWall’s Biannual Report revealed that e-commerce and online retail businesses saw a 264% surge in the past 12 months in ransomware attacks alone. These statistics are extremely worrying for retail companies, so unsurprisingly, websites and digital security are at the forefront of retailers’ minds.

SonicWall Achieves Sales Record with The Help of The Distribution Channel

InfoChannel (Mexico), SonicWall News: 2022 has been a year of growth for SonicWall, especially for business partners, as announced by Eustolio Villalobos, general manager for Mexico, Central America and the Caribbean. Villalobos said that the company reached a record of internal sales in generation 7, SD-WAN and Wi-Fi 6 firewall solutions.

Unifying Efforts with Its SonicWall Channels Gains Ground in Latin America

eSemenal (Mexico), SonicWall News: Today we have seen how companies are more aware of the cybersecurity challenges they face and have understood that it is not a separate issue. Expanding issues such as hybrid work and 5G will be some of the main challenges next year, and companies regardless of their size will have to be prepared,” said Arley Brogiato, Sales Leader for SonicWall in Latin America.

According to the executive, sales of security solutions this year exceeded the company’s expectations globally, achieving higher growth than the prospect and a double-digit increase in its market shares.

Industry News

Lockbit Ransomware Group ‘Apologizes’ For Children’s Hospital Cyberattack

Health Care IT News hit us with a rather surprising story about a ransomware group that apologized for hitting a Toronto-based children’s hospital affiliated with the University of Toronto. For a bit of background, we went to Toronto City News and learned that on December 18, 2022, SickKids was hit with ransomware. Administrators reported delays with retrieving lab and imaging results. Other affected systems included employee timekeeping and pharmacy submissions. About ten days later, the hospital said that nearly half of the affected systems had been restored. Then an unexpected update.

LockBit ransomware group that provides affiliates access to malware for a cut of the ransom profits then issued an apology on the dark web on the last day of the year, which was then posted to Twitter. In the statement, the ransomware organization allegedly blamed a partner and offered a free decryptor for the hospital to unlock its data. Even with a ransomware group’s decryptor, healthcare organizations only recover about two-thirds of their files on average.

Twitter Data for Sale

Reported by Forbes, Wired, and posted on Twitter by @SonicWall, the close of 2022 saw hackers selling data stolen from 400 million Twitter users. The source, researchers say, is a widely circulated trove of email addresses linked to about 200 million users that were hacked out between June 2021 and January 2022, exploiting a bug in a Twitter application. The list on sale is likely a refined version of the larger batch with duplicate entries removed. According to the Forbes reporter, the hacker demanded $200,000 from Twitter for an “exclusive” sale of the data and warned that the social media platform could face a massive GDPR fine for failing to protect user data.

Twitter has not yet commented on the massive exposure. However, the cache of data clarifies the severity of the leak and who may be most at risk because of it.

Amazon S3 To Encrypt All New Data With AES-256

Bleeping Computer reported that Amazon Simple Storage Service (S3) would automatically encrypt all new objects added on buckets on the server side, using AES-256 by default.

While the server-side encryption system has been available on AWS for over a decade, the tech giant has enabled it by default to bolster security. As a result, administrators will not have to take any actions for the new encryption system to affect their buckets. In addition, Amazon promises it won’t have any negative performance impact.

The move follows two notable breaches related to Amazon S3 storage buckets, one in December 2017, leaked data from 123 million households and another in April 2019 of 540 million records of Facebook users. The reporter comments that had the data been encrypted, the leaks wouldn’t have had nearly as dire consequences for the exposed individuals. Amazon’s move to make server-side encryption a “zero-click” process is a fundamental step towards better security. It is bound to lessen the impact of upcoming data incidents that will inevitably happen.

JAMA: Underreported Healthcare Disruptions from Ransomware Attacks

SC Magazine reported on the findings from a new study published by the Journal of the American Medical Association (JAMA) that ransomware attacks on healthcare delivery organizations doubled between 2016 and 2021, from 43 reported attacks to 91. However, the study concludes that these numbers and impacts are likely underreported due to limited data from the incidents.

Across all sectors in the last year, security researchers struggled to gauge whether ransomware attacks were on the rise or stagnating. What’s clear is that attackers are getting smarter, and the cost to recover from these attacks is drastically increasing across all sectors — impacting cyber insurance coverage in the process.

In healthcare, the impacts of ransomware are readily seen in each hospital attack, confirming the patient safety risks posed by this extended network downtime. At least three global health systems are currently down after ransomware incidents which have led to care diversion, appointment cancellations and delays.

But as noted in JAMA, there’s not enough data to fully understand the minutiae of hospital impacts after ransomware. While the researchers noted the study’s limits, the data does shine a light on incident response and care disruptions.

The Boldest Cybersecurity Predictions for 2023

Dark Reading posted their “Predictions,” and as expected, they’re bold. Among the notable predictions “Automation is Finally Ready for Prime Time.” There’s been quite a lot of coverage on this issue, and predictions represent both boon and bane for network security teams. Automation could mean eliminating lower-level cybersecurity jobs, but industry observers also believe that more data always means more demand for higher-level analysts and engineers.

We thought this prediction paired nicely with another: “Scary AI & Machine Learning Gets Scarier.” Indeed, we saw evidence last year that shows cybercrime is using AI automation to weaponize deep fakes. Although we haven’t seen it in full practice yet, there’s good reason to believe it’ll be the go-to method for attackers in 2023 and beyond. Imagine seeing videos from people we know telling us it’s cool to share passwords (and other private information) with random callers. If that wasn’t scary enough, imagine ransomware teams using spoofed biometrics, fraudulent identity documents and synthetic identities.

And that’s just two of several they have that deserve a careful read.