Spring is in full swing, and SonicWall has been splashing into headlines this week. CRN honored four women from SonicWall in its 2023 Women of the Channel List, Channel Futures spoke with new SonicWall North America Channel Chief Michelle Ragusa-McBain and Channel Life cited some information from the 2023 Cyber Threat Report.
In industry news, CyberScoop provided details on the FBI’s takedown of a Russian cyberespionage campaign. Dark Reading dove into details about CISA’s efforts to help “cyber poor” organizations. Bleeping Computer had the scoop on Microsoft’s new MFA number matching enforcement. TechCrunch discussed DDoS-for-hire websites seized by US authorities.
Remember to keep your passwords close and your eyes peeled – cybersecurity is everyone’s responsibility.
Channel Life, SonicWall News: In fact, in the first half of 2022, SonicWall detected 270,228 never-before-seen malware variants. That’s an average of 1,500 new variants per day. However, new personalized training that combines machine learning and behavioral science can teach people to see the patterns or architecture commonly part of a threat.
Channel Futures, SonicWall News: “For me, SonicWall is a 30-year industry legend in cybersecurity, one of the hottest topics right now obviously for many MSPs and MSSPs, and customers and partners around the world,” she said. “And SonicWall is sort of this amazing kind of comeback story because they had their acquisition and now they’re private again. And this is not the SonicWall of yesteryear. They have new leadership. They’re reimagining how they go to market (GTM)…”
CRN, SonicWall News: SonicWall is delighted to share that CRN has honored four SonicWall team members on its 2023 Women of the Channel List. SonicWall’s new Vice President of North American Channels Michelle Ragusa-McBain, Regional Channel Sales Director Elizabeth Reynolds, Senior Manager Inside Sales Carlien de Vries and Senior Product Marketing Manager Sarah Choi were recognized for their incredible accomplishments in the IT channel.
Risk Management, SonicWall News: Cybercriminals monetize their activities via ransomware, and the tactic, which blocks access to systems or data until a ransom is paid, is being used against companies of all sizes. In 2022, there were nearly 500 million ransomware attacks worldwide, according to SonicWall.
GovInfoSecurity, SonicWall News: Bob VanKirk, president and CEO, SonicWall, highlighted the need for SMBs to have access to the right set of tools and resources to defend their companies and protect their brands. In order to ensure cybersecurity, VanKirk said, organizations must have all the threat data at their fingertips, whether it be a firewall, endpoint or remote access, and have analytics across all those areas.
ChannelPro, SonicWall News: SonicWall has named Michelle Ragusa-McBain its new channel chief for North America. The hiring is one of several measures, along with the forthcoming introduction of a revamped partner program, aimed at expanding the company’s MSP channel, according to Jason Carter, SonicWall’s CRO.
CRN, SonicWall News: SonicWall has hired Cisco Systems veteran Michelle Ragusa-McBain to oversee its large North America channel, as the cybersecurity vendor looks to “reimagine” its business with the help of partners, she said in an interview with CRN.
ChannelFutures, SonicWall News: Ragusa-McBain’s goal is to enable partners to grow and profit with the “boundless shift to cybersecurity.” SonicWall announced her appointment at this week’s Channel Partners Conference & Expo, co-located with MSP Summit.
Channel Daily News, SonicWall News: It helps customers by delivering integrated technology solutions and services that include security, cloud, data centre, networking, collaboration and digital transformation. This year it singled out HPE, Cisco, Veeam and SonicWall as its partners of the year.
Channel Futures (Slide 4), SonicWall News: “We’ll be updating our partner program,” VanKirk said. “We’ve seen incredible growth out of what we have called our MSSP program in the past. We’re redoing that program altogether so that it will allow a much broader set of partners to participate and take advantage of, for example, monthly billing and if the number of users goes up or down, you’re only paying for that number. So we’re expanding that program, allowing a lot more partners in. We’ll be expanding that offering. It was just a few solutions. Now what we’re doing with all the changes, it used to be OK after the products were out, hey, what can we send through the MSSP program and service provider program. Now at the front end before a product even is going into the life cycle development, the PMs have to justify why or where is that going to fit in the partner program and the service provider program, which is a whole different approach that contributes to our seeing so much strength there.”
EdScoop, SonicWall News: Malware attacks against higher education institutions rose by 26% last year, according to SonicWall’s 2023 Cyber Threat Report. The report, published earlier this month, found that while malware attacks rose, ransomware attacks targeting higher education institutions declined 29% last year.
Unleashed, SonicWall News: SonicWall warned recently that “new tactics are being developed with breathtaking speed. For the past two years, ransomware has been on a tear, increasing 62% year over year in 2020 and another 105% in 2021,” a 2023 SonicWall report said. “During this time, ransomware-as-a-service took off, compromised credentials became cheaper and more plentiful than ever, and the number of vulnerabilities continued hitting record highs.
FBI’s Operation Medusa Thwarts Russian Cyberespionage Campaign
An international effort spearheaded by the FBI has disrupted a 20-year-old malware operation spawning from Turla, a unit inside Russia’s Federal Security Service known for sophisticated cyberespionage attacks. The unit has been continuously updating and enhancing a piece of malware known as “Snake” since 2004. The group used the malware to steal sensitive documents and infiltrate computer systems in over 50 countries over the past two decades. The data they stole was exfiltrated through a complex network of compromised computers in the US and elsewhere. The FBI gained physical access to the compromised computers and used that access to create a tool of its own called “Perseus” to decode the communications being exfiltrated by Turla. On Monday, the FBI used Perseus to issue a command to Snake to cause it to overwrite its own vital components – they made Snake eat its own tail, if you will. Attorney General Merrick Garland stated, “We will continue to strengthen our collective defenses against the Russian regime’s destabilizing efforts to undermine the security of the United States and our allies.”
CISA Aims to Help “Cyber Poor” Businesses, Schools and Hospitals
The US Cybersecurity and Infrastructure Agency (CISA) is taking aim at helping organizations that don’t have the knowledge or dedicated resources to defend themselves from cyber threats or even know if they’re being attacked. Such organizations include small businesses, local government agencies, hospitals, schools and more. The goal of CISA is to both help these organizations and understand their needs. Most of the agency’s efforts have been focused on larger organizations, but with attackers targeting more and more defenseless organizations, CISA feels it’s the right time to try and bridge the gaps these “cyber poor” institutions face. CISA has a section of its website dedicated to free resources anyone can use to better protect their organization.
Microsoft to Use Number Matching to Counter MFA Fatigue Attacks
Multi-factor authentication (MFA) fatigue attacks are becoming more common right alongside the growth of MFA adoption. To combat this, Microsoft is now enforcing number matching in its Microsoft Authenticator application. In an MFA fatigue attack, a threat actor will send ridiculous amounts of MFA push notifications to the target hoping that the target will accept one of them in an attempt to make them stop. This type of attack has a decent success rate for these threat actors. Many users will think the repeated notifications are a bug or organizational error. Once accepted, the attacker now has full access to the user’s account. According to Bleeping Computer, threat groups like Lapsus$ and Yanluowang used this type of social engineering attack to breach Microsoft, Cisco and Uber. Number matching helps prevent this type of attack because it gives the threat actor a specific number that the real user needs to press to approve. Since the real user will not know the correct number to press, it makes the odds of this attack being successful much lower.
13 DDoS-for-hire Websites Seized by US Authorities
Authorities in the United States seized 13 domains that had been connected to some of the most notorious DDoS-for-hire websites. The websites in question had been marketed as legitimate stress-testing tools – in reality, they were used to carry out DDoS attacks. On Monday, the FBI announced that they had seized these websites as a part of Operation PowerOFF, which is an international effort to shut down these DDoS-for-hire websites. According to TechCrunch, one of the 13 seized websites was still operating as normal. The FBI did not respond to questions concerning that website in particular. The international organizations involved in the takedown include the Dutch police, Europol and the United Kingdom’s National Crime Agency.
The RSA Report: Boots on the Ground – Amber Wolff
The RSA Report – New Tactics, New Technologies – Amber Wolff
The RSA Report: The Road to RSA – Amber Wolff
RSA 2023: What “Stronger Together” Means With SonicWall – Amber Wolff
Cybersecurity: Preventing Disaster from Being Online – Ray Wyman Jr