SonicWall's weekly Cybersecurity News and Trends.

Cybersecurity News & Trends – 08-25-2023

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.


We’re heading into the final week of August, and it’s been an exciting month here at SonicWall. If you haven’t already given it a read, be sure to check out our Mid-Year Update to the 2023 Cyber Threat Report.

In industry news, Dark Reading covered increasing ransomware numbers and a lawsuit that could have far-reaching implications for software makers. Bleeping Computer had the lowdown on North Korea’s Lazarus gang preparing to offload over $40 million in crypto assets. Tech Crunch provided new details on the data breach at Tesla.

Remember to keep your passwords close and your eyes peeled – cybersecurity is everyone’s responsibility.

SonicWall News

SonicWall Promotes Michelle Ragusa-McBain To Global Channel Chief

CRN, SonicWall News: SonicWall has promoted Michelle Ragusa-McBain to head its sizable global partner organization, just months after hiring the channel veteran as its North America channel chief. Looking ahead, SonicWall is planning to roll out a “soft launch” of its revamped SecureFirst Partner Program in September, with a full global launch of the new program planned for February 2024, Ragusa-McBain told CRN.

SonicWall Promotes Cisco Vet to Global Channel Leader

Channel Futures, SonicWall News: SonicWall has promoted Michelle Ragusa-McBain to vice president and global channel leader. She joined SonicWall as vice president and North America channel leader in May. A key theme for SonicWall’s channel strategy is embracing an outside-in approach to crafting its strategy and executing with partners. What that means is we’re listening to our partners and customers more than ever before, rather than operating in a vacuum and telling you what you need.

Ransomware Attacks Skyrocket in Q2 2023

Infosecurity Magazine, SonicWall News: “Ransomware attacks surged by 74% in Q2 2023 compared to the first three months of the year, a new report has found.

The 2023 SonicWall Mid-Year Cyber Threat Report observed two “very unbalanced quarters” regarding the volume of ransomware attacks so far this year. SonicWall Capture Labs Threat Researchers recorded 51.2 million attacks in Q1 2023, representing the smallest number of attacks since Q4 2019.”

How Bitcoin Swings Helped Drive an Almost Nin-fold Surge in Cryptojacking attacks in Europe

DL News, SonicWall News: Cryptojacking attacks skyrocketed when Bitcoin prices fell, and could be the overture to something worse, according to SonicWall researchers. These attacks turn victims’ computers into unknowing crypto mining rigs. Bitcoin reached a $68,000 high in November 2021 before crashing down to as low as just above $16,000 in 2022. It currently hovers around $30,000.

Cryptojacking attacks surge 399% globally as threat actors diversify tactics

ITPro, SonicWall News: Security experts have issued a warning over a significant increase in cryptojacking attacks as threat actors seek to ‘diversify’ their tactics. The volume of cryptojacking attacks surged by 788% in Europe during the first half of the year, with attacks in North America also rising by 345%.

SonicWall: Ransomware Declines Further As Attackers ‘Pivot’ Their Tactics

CRN, SonicWall News: Ransomware continued to lose favor among malicious actors during the first half of 2023, but overall intrusions increased as some attackers switched focus to other types of threats, according to newly released SonicWall data. In the cybersecurity vendor’s report on the first six months of the year, ransomware attack volume dropped 41 percent from the same period a year earlier, the report released Wednesday shows.

Evolving Threats – Evolved Strategy

ITVoice, SonicWall News: The ever-evolving cybersecurity landscape is rapidly changing, and businesses must change with it. The massively expanding, distributed IT reality is creating an unprecedented explosion of exposure points for sophisticated cybercriminals and threat actors to exploit.

Britain’s Biggest Hospital Held To Ransom

Cyber Security Intelligence, SonicWall News: SonicWall expert Spencer Starkey said “The healthcare sector continues to be a prime target for malicious actors as evidenced by the recent attack on Barts Health NHS Trust. Not only does this attack risk the potential for exposed patient data, but any significant IT issue that halts patient care poses an immediate threat to life.”

Hackers claim breach is the ‘biggest ever’ in NHS history

Silicon Republic, SonicWall News: Spencer Starkey, vice-president of EMEA at cybersecurity company SonicWall, said that the healthcare sector continues to be a “prime target” for hackers globally. “Not only does this attack risk the potential for exposed patient data, but any significant IT issue that halts patient care poses an immediate threat to life,” said Starkey, referring to the Barts Health cyberattack. The ramifications of an attack on the healthcare sector can be disastrous and it’s important to place the utmost amount of time, money and efforts on securing it.

How to Reach Compliance with HIPAA

TrendMicro, SonicWall News: According to the 2022 SonicWall Cyber Threat Report, healthcare continued a large spike in malware in 2021, at 121%. While the largest jump in IoT malware attacks belonged to healthcare, which saw a 71% year-over-year increase. To shed light on the significance malware can carry, it’s important to look at how recent breaches could’ve been circumvented by abiding to the HIPAA rules and safeguards.

Why Attackers Love to Target IoT Devices

VentureBeat, SonicWall News: Malicious objects were blocked on more than 40% of OT systems. SonicWall Capture Labs threat researchers recorded 112.3 million instances of IoT malware in 2022, an 87% increase over 2021.

Industry News

Ransomware on the Rise

A security consulting group sounded the alarm about a ransomware resurgence happening right now. In July, the group found that data from 502 breaches was posted to various leak sites. That’s a 150% increase from July 2022. Many factors have led to this increase, but the group noted that it has a lot to do with the rise of more easily exploited vulnerabilities like we’ve seen with the breach of MOVEit’s file transfer tool. On top of that, the average time a ransomware group waits to strike once they infiltrate a company has shrunk by nearly 50% since 2022 from nine days down to five. The group found that a majority of these new attacks are targeting the industrial sector, which is a sector that has as a whole been spending less on cybersecurity over the past few years. Much of the increase can be attributed to the Cl0p ransomware gang, which has been responsible for three times the amount of data leaks as the second most successful group, Lockbit 3.0. Our recently released Mid-Year Update to the 2023 Cyber Threat Report indicated a ransomware rebound may be in the works, and this data seems to support that. Only time will tell if the trend continues into the remainder of the year.

Lawsuit Calls for More Accountability for Software Makers Amid MOVEit Breaches

Progress Software, the makers of the MOVEit file transfer tool, are the subject of a class-action lawsuit following the massive MOVEit breaches that began earlier this year. The lawsuit claims Progress Software breached its contracts and was negligent. The attacks have affected small organizations and billion-dollar organizations like Shell and British Airways alike. The lawsuit alleges Progress didn’t “properly secure and safeguard personally identifiable information” and has exposed plaintiffs to an ongoing risk of identity theft, not to mention financial costs and losses of time and productivity. If the lawsuit goes in favor of the plaintiffs, it could set a precedent to hold software developers accountable for the security of their applications in the event of major supply-chain breaches such as this. A spokesperson from MOVEit relayed that Progress will not comment on the pending litigation.

Tesla Data Breach Revealed to be Inside Job

Tesla has released a statement saying two former employees are responsible for a data breach that affected over 75,000 Tesla employees. Tesla’s data privacy officer, Steven Elentukh, said that the former employees violated Tesla’s IT security and data protection policies by sharing the data. The data contains loads of information on the 75,000 employees including names, addresses, phone numbers, Social Security numbers and employment records. The two employees in question handed the data over to a German newspaper, but the newspaper assured Tesla that it would not publish the data or misuse it. The information was 100 gigabytes in total and included customer bank details, production secrets and customer complaints alongside the employee data. The German newspaper said Tesla owner Elon Musk’s Social Security number was also included in the leak. Tesla has filed lawsuits against the former employees, and their electronic devices have been seized.

Lazarus Gang Preparing to Offload $41 Million in Stolen Crypto

The FBI has been tracking the movement of bitcoin stolen by the North Korean Lazarus gang and has narrowed it down to six cryptocurrency wallets. In total, it appears the group has moved 1,580 bitcoins to the six wallets. A recent report found that North Korean state hacker groups have been responsible for the theft of more than $2 billion in crypto over the past five years. More recently, the notorious Lazarus gang has been linked to a breach on Axie Infinity that holds the crown for the largest crypto heist of all time which saw the hackers make off with a whopping $620 million worth of Ethereum. On Tuesday, the FBI released a statement saying, “The FBI will continue to expose and combat the DPRK’s use of illicit activities—including cybercrime and virtual currency theft—to generate revenue for the regime.” They also urged anyone with information on the state-backed hacking groups to contact their local FBI field office with information.

SonicWall Blog

Why Education is the New Cybercrime Epicenter – Amber Wolff

How SonicWall Offers High Availability at the Lowest Price – Tiju Cherian

Cryptojacking Continues Crushing Records – Amber Wolff

Why Should You Choose SonicWall’s NSsp Firewalls? – Tiju Cherian

Utilize APIs to Scale Your MySonicWall Operation – Chandan Kumar Singh

First-Half 2023 Threat Intelligence: Tracking Cybercriminals Into the Shadows – Amber Wolff

If It’s Easy, It’s TZ – Tiju Cherian

Sonic Boom: Getting to Know the New SonicWall – Michelle Ragusa-McBain

SonicWall’s Traci McCulley Orr Honored as a Talent100 Leader – Bret Fitzgerald

3 & Free Promotion: How to Upgrade to a Gen 7 NSsp Firewall for Free – Michelle Ragusa-McBain

Monthly Firewall Services Option for Simplicity and Scalability – Sorosh Faqiri

Monitoring and Controlling Internet Usage with Productivity Reports – Ashutosh Maheshwari

SonicWall NSM 2.3.5 Brings Enhanced Alerting Capabilities – Suriti Singh

Jordan Riddles
Junior Copywriter | SonicWall
Jordan Riddles is a Junior Copywriter for SonicWall. He has a background in content creation and editing, and he lives in Tulsa, Oklahoma. Jordan is a graduate of Northeastern State University in Tahlequah, Oklahoma, with a focus in English and creative writing. In his spare time, he loves reading, cooking and disc golfing.