Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.
Another week is in the books for 2023, and SonicWall is still going strong with the recently released 2023 Cyber Threat Report.
In industry news, Dark Reading has the scoop on an Iranian threat group targeting women’s rights protesters with spear-phishing attacks as well as a large school district falling victim to ransomware. Bleeping Computer provided details on a new cryptocurrency scam the FBI is warning about. Billions of IoT and enterprise devices are at risk due to new TPM vulnerabilities according to Hacker News, and TechCrunch reported on GitHub’s new two-factor authentication policy.
Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.
HelpNetSecurity, SonicWall News: 2022 was the second-highest year on record for global ransomware attempts, as well as an 87% increase in IoT malware and a record number of cryptojacking attacks (139.3 million), according to SonicWall.
TechRadarPro, SonicWall News: 2023 could very well be the biggest year ever for cybercriminals, new figures have claimed. According to SonicWall’s latest figures, cybercrime is on the rise across the board, but trends are slowly shifting which is something IT security teams should keep in mind. More precisely, hackers are opting for a “slow and low” approach, keeping stealthy while trying to achieve financially-motivated goals.
MSSP Alert, SonicWall News: SonicWall researchers recorded the second-highest year on record for global ransomware attempts but it was an 87% increase in Internet of Things (IoT) malware and a record number of cryptojacking attacks (139.3 million) that signaled a shift in the overall threat landscape in 2022, the company said in a new report.
Digital Trends, SonicWall News: Last year saw a massive spike in cybercrime, with some types of malicious digital activity rising by as much as 87%. It doesn’t bode well — but there were a couple of relative bright spots. That information comes from a new report published by cybersecurity firm SonicWall. It makes for interesting reading, especially since one of the biggest rises came from an unusual source — and one of the most feared types of malware saw a hefty drop.
CRN, SonicWall News: In a major reversal from prior years, the volume of ransomware attacks globally dropped by 21 percent in 2022, year-over-year, with a 48-percent decline in the U.S., SonicWall said in a new report Tuesday. It’s encouraging that we’re seeing a decrease” in ransomware attacks, SonicWall CEO Bob VanKirk said in an interview with CRN. At the same time, “the number of attacks still is staggering,” VanKirk said.
Evening Standard, SonicWall News: The scale of the threat posed to companies and consumers by cyberattacks was laid bare today in a new report which reveals global ransomware attempts hit their second highest year on record in 2022.
Cyber intrusion attempts and malware attacks climbed 19% and 2% respectively, according to the Global Cyberattack Trends report by SonicWall, while crypto-theft attacks jumped 43% to reach a record high. The volume of ransomware attacks was especially severe in the UK, climbing a staggering 112% in 2022, the report found, despite a 21% decrease in attacks worldwide.
InfoSecurity, SonicWall News: Global malware detections increased 2% year-on-year (YoY) in 2022 to hit 5.5 billion, with never-before-seen variants surging 5%, according to SonicWall. The security vendor captured threat intelligence from its global SonicWall Capture Threat network, including one million security sensors, in order to compile its 2023 SonicWall Cyber Threat Report.
MSN, SonicWall News: Bob Vankirk, CEO of SonicWall, said: “The past year reinforced the need for cybersecurity in every industry and every facet of business, as threat actors targeted anything and everything, from education to retail to finance. While organizations face an increasing number of real-world obstacles with macroeconomic pressures and continued geopolitical strife, threat actors are shifting attack strategies at an alarming rate.”
IT Pro, SonicWall News: State-sponsored threat actors are increasingly shifting their focus towards SMBs and smaller enterprises, according to new research. While large enterprises, public services, and critical national infrastructure have traditionally been key targets for state-sponsored threat actors, SonicWall’s 2023 Cyber Threat Report predicted that groups will ‘diversify’ their tactics in 2023 to target SMBs and a “broader set of victims.”
Utah Pulse, SonicWall News: SonicWall reports a 328% YoY increase in healthcare ransomware attacks in 2022, and healthcare and education are expected to be among the most targeted sectors in 2023. The expanding IoT footprint in these sectors is predicted to make them more vulnerable to digital attacks, increasing the risk to critical infrastructure.
CRN, SonicWall News: Key offerings from SonicWall in the realm of next-generation firewalls include the SonicWall NSa 5700, which utilizes a scalable hardware architecture designed to fit in a single rack-mountable unit. The high port density of the NSa 5700 includes multiple 10-Gigabit Ethernet and 1-Gigabit Ethernet fiber and copper interfaces.
CRN, SonicWall News: One of the biggest opportunities we will be tackling with our partners is providing a broader set of unified and cost-effective solutions that fully secure the evolving network perimeter. For many of our partners and customers, 2023 will represent a period of cautious and informed investment in IT and security – customers will demand more bang for their security buck.
Billions of IoT and Enterprise Devices at Risk Due to New TPM 2.0 Flaws
Two critical security vulnerabilities were found in the Trusted Platform Module (TPM) 2.0 reference library specification. Both vulnerabilities could cause significant issues. The first is described as an out-of-bounds write while the other is an out-of-bounds read. IoT devices and enterprise devices were among the devices deemed most vulnerable, but all systems that utilize TPM could be vulnerable. According to Hacker News, the function of TPM is to secure cryptographic functions and physical security mechanisms to thwart bad actors. All users should implement the latest updates from both TCG and their vendors to ensure these vulnerabilities are addressed.
Iranian Threat Group Targeting Female Activists in Wake of Protests
The controversial death of Iranian women’s rights activist Mahsa Amini sparked protests and outrage among Iranians late last year. Now it appears that the state-sponsored threat group known as Cobalt Illusion is targeting female protesters on Twitter in a spear-phishing campaign. The threat group uses a fake Twitter account posing as a US think tank to lure victims in and build rapport with them before carrying through their phishing attack. Dark Reading says Cobalt Illusion was using the protests to find a common ground with the women. The information stolen by the threat group is used in multiple ways – notably to inform the Iranian government and military of victims’ activities.
GitHub to Enforce 2FA Among All Contributors Beginning Next Week
Any developer who writes code for any project on GitHub’s platform will now be required to implement two-factor authentication (2FA). The new policy will start to be implemented on March 13th and continue to expand through the remainder of 2023. Multi-factor authentication has been gaining steam in recent years as it is a great way for companies to significantly reduce risks from certain cyber threats. According to TechCrunch, GitHub has over 100 million users who are developers, so this move toward stronger security will be far reaching. This announcement comes on the heels of the Biden administration urging large tech companies to accept more responsibility for ensuring that they have strong security postures. GitHub’s 2FA rollout will begin next week and continue until all developers are enrolled.
Medusa Ransomware Gang Reveals Data to Minneapolis School District
The Medusa ransomware gang is asking for $1 million after sending the Minneapolis Public School (MPS) district an hour-long video showing all of the data that they stole. Dark Reading says the cybercriminals gave MPS a deadline of March 17 to make the payment, and made it known that they will accept $1 million from other buys before that deadline as well. This attack is a stark reminder that last year 1 in 4 schools were the victims of a cyberattack.
Scammers Using Games to Steal Cryptocurrency says FBI
The FBI has warned that millions of dollars in cryptocurrency are being stolen through online and mobile games. Bleeping Computer states that the cybercriminals accomplish this by creating custom games and apps that promise players large monetary rewards to victims that they’ve built rapport with online. The threat actors build an actual relationship with the victims before inviting them to play their fake games. They promise the users that the game rewards them with potentially large amounts of cryptocurrency for simple tasks like maintaining a virtual farm. The app prompts the user to store large amounts of cryptocurrency in their scam crypto-wallet and, over time, tempts them to store more crypto-currency in the wallet. Once the user stops making deposits, the scammers drain the wallet of all funds. The FBI has asked all victims to report crimes to the Internet Crime Complaint Center to help them stop these scams.
New SMA Release Updates OpenSSL Library, Includes Key Security Features – Jai Balasubramaniyan
Celebrating 2023 With Expanded “3 & Free” – Matt Brennan
The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman
Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah
SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald