SonicWall's weekly Cybersecurity News and Trends.

Cybersecurity News & Trends – 09-08-2023

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.

Fall is fast approaching, and with the new season comes SonicWall’s season of sales – check out our promotion page to find deals on firewalls, endpoint protection and more. This week, SonicWall CEO Bob VanKirk went on Nasdaq TradeTalks to discuss how IT departments can fend off stealthier cyberattacks. Be sure to check out the Mid-Year Update to the 2023 Cyber Threat Report to see more of what to watch out for.

In industry news, Dark Reading detailed Microsoft’s discovery of a Russian misinformation campaign in Africa and a brand-new cloud attack vector that should have DevOps on notice. Bleeping Computer covered Okta’s warning of IT help desk attacks in the United States. TechCrunch had the lowdown on Flipper Zero’s latest disruptive ability.

Remember to keep your passwords close and your eyes peeled – cybersecurity is everyone’s responsibility.

SonicWall News

Stealthier Means of Malicious Cyber-Attacks and What It Means for IT Departments

Nasdaq, SonicWall News: Bob VanKirk, CEO, SonicWall, joins Jill Malandrino on Nasdaq TradeTalks to discuss stealthier means of malicious cyber-attacks and what it means for IT departments.

SonicWall Promotes Michelle Ragusa-McBain To Global Channel Chief

CRN, SonicWall News: SonicWall has promoted Michelle Ragusa-McBain to head its sizable global partner organization, just months after hiring the channel veteran as its North America channel chief. Looking ahead, SonicWall is planning to roll out a “soft launch” of its revamped SecureFirst Partner Program in September, with a full global launch of the new program planned for February 2024, Ragusa-McBain told CRN.

SonicWall Promotes Cisco Vet to Global Channel Leader

Channel Futures, SonicWall News: SonicWall has promoted Michelle Ragusa-McBain to vice president and global channel leader. She joined SonicWall as vice president and North America channel leader in May. A key theme for SonicWall’s channel strategy is embracing an outside-in approach to crafting its strategy and executing with partners. What that means is we’re listening to our partners and customers more than ever before, rather than operating in a vacuum and telling you what you need.

Ransomware Attacks Skyrocket in Q2 2023

Infosecurity Magazine, SonicWall News: “Ransomware attacks surged by 74% in Q2 2023 compared to the first three months of the year, a new report has found.

The 2023 SonicWall Mid-Year Cyber Threat Report observed two “very unbalanced quarters” regarding the volume of ransomware attacks so far this year. SonicWall Capture Labs Threat Researchers recorded 51.2 million attacks in Q1 2023, representing the smallest number of attacks since Q4 2019.”

How Bitcoin Swings Helped Drive an Almost Nine-fold Surge in Cryptojacking attacks in Europe

DL News, SonicWall News: Cryptojacking attacks skyrocketed when Bitcoin prices fell, and could be the overture to something worse, according to SonicWall researchers. These attacks turn victims’ computers into unknowing crypto mining rigs. Bitcoin reached a $68,000 high in November 2021 before crashing down to as low as just above $16,000 in 2022. It currently hovers around $30,000.

Cryptojacking attacks surge 399% globally as threat actors diversify tactics

ITPro, SonicWall News: Security experts have issued a warning over a significant increase in cryptojacking attacks as threat actors seek to ‘diversify’ their tactics. The volume of cryptojacking attacks surged by 788% in Europe during the first half of the year, with attacks in North America also rising by 345%.

SonicWall: Ransomware Declines Further As Attackers ‘Pivot’ Their Tactics

CRN, SonicWall News: Ransomware continued to lose favor among malicious actors during the first half of 2023, but overall intrusions increased as some attackers switched focus to other types of threats, according to newly released SonicWall data. In the cybersecurity vendor’s report on the first six months of the year, ransomware attack volume dropped 41 percent from the same period a year earlier, the report released Wednesday shows.

Evolving Threats – Evolved Strategy

ITVoice, SonicWall News: The ever-evolving cybersecurity landscape is rapidly changing, and businesses must change with it. The massively expanding, distributed IT reality is creating an unprecedented explosion of exposure points for sophisticated cybercriminals and threat actors to exploit.

Britain’s Biggest Hospital Held To Ransom

Cyber Security Intelligence, SonicWall News: SonicWall expert Spencer Starkey said “The healthcare sector continues to be a prime target for malicious actors as evidenced by the recent attack on Barts Health NHS Trust. Not only does this attack risk the potential for exposed patient data, but any significant IT issue that halts patient care poses an immediate threat to life.”

Hackers claim breach is the ‘biggest ever’ in NHS history

Silicon Republic, SonicWall News: Spencer Starkey, vice-president of EMEA at cybersecurity company SonicWall, said that the healthcare sector continues to be a “prime target” for hackers globally. “Not only does this attack risk the potential for exposed patient data, but any significant IT issue that halts patient care poses an immediate threat to life,” said Starkey, referring to the Barts Health cyberattack. The ramifications of an attack on the healthcare sector can be disastrous and it’s important to place the utmost amount of time, money and efforts on securing it.

How to Reach Compliance with HIPAA

TrendMicro, SonicWall News: According to the 2022 SonicWall Cyber Threat Report, healthcare continued a large spike in malware in 2021, at 121%, while the largest jump in IoT malware attacks belonged to healthcare, which saw a 71% year-over-year increase. To shed light on the significance malware can carry, it’s important to look at how recent breaches could’ve been circumvented by abiding by the HIPAA rules and safeguards.

Industry News

Russia Begins Misinformation Campaign in Africa

An investigation by Microsoft has revealed Russia’s nefarious actions in some African countries. According to the investigation, Russia has launched fake media outlets that sympathize with Russia and express anti-French sentiments. According to Dark Reading, they’ve also created fake civil society organizations in less stable African nations. Russia is capitalizing on already-present instability in countries like Mali, Niger, Gabon, Burkina Faso and Guinea. Some of these countries have ongoing coups, and Russia’s operations in these countries have praised coup leaders and stoked anger at France. Apparently, some of these operations were being run by Russia’s notorious Wagner Group, so the group’s presence on the African continent is now up in the air following the death of its leader, Yevgeny Prigozhin. The misinformation campaign has taken place largely through social media and fake news outlets. It has been successful enough that French diplomats have been recalled from some nations due to rising tensions. This is all going on in the background of Russia’s war against Ukraine, so only time will tell how long they can continue these operations with pressure boiling at home.

Brand New Attack Vector Should Have DevOps on Watch

A first-of-its-kind cloud attack should have DevOps keeping their eyes peeled. Attackers have found a way to take full control over systems using MinIO, which is a distributed object storage system. MinIO is compatible with Amazon S3 cloud storage, which is used by many companies. Security researchers discovered the new attack vector when cybercriminals recently tricked a DevOps engineer into updating MinIO with the attackers’ own corrupt “update.” The update included a built-in command shell function that allowed the attackers to remotely execute code and take over the system. The GitHub repository for the fake update is literally named “Evil_MinIO,” which is quite on the nose, even for cybercriminals. The researchers warned that companies using MinIO should be on watch, DevOps in particular. Make sure any and all updates are coming directly from MinIO and not a third party.

Flipper Zero Can Spam Nearby iPhones Via Bluetooth

The list of troublesome attacks that the Flipper Zero hacking device can perform continues to grow. It’s already been responsible for car theft and more, but it can now also spam iPhone users from thousands of feet away. A security researcher demonstrated the attack, comparing it to a denial-of-service attack. Essentially, any person with a Flipper Zero device can tweak the firmware to send out Bluetooth Advertisements to nearby iPhones. The attack renders the device useless due to the constant flurry of popups. TechCrunch tested the attack and was able to successfully interfere with an iPhone 8 and an iPhone 14 Pro. While most of these attacks would have a far more limited range, the researcher who sounded the alarm on the attack noted that an attacker could use a simple amplifying board to increase the device’s range to thousands of feet or more. That would allow an attacker in a busy area to attack potentially hundreds of iPhones at once. The researcher, who only goes by Anthony, stated that Apple could defend against the attacks by ensuring that the Bluetooth devices attempting to connect to iPhones are legitimate.

Okta Warns of Attacks on IT Service Desks

The identity and access management business Okta warned of attacks on IT help desks in the United States this week. The attackers have been attempting to gain access to Okta Super Administrator accounts, which would give them full access to the organizations they’re infiltrating. Okta stated that the attackers typically already have passwords for the high-access accounts before beginning their attack. Once they’ve gained control, they elevate privileges for other accounts and remove multi-factor authentication (MFA) for some accounts as well. Okta recommends that users take multiple steps to prevent an attack on their organization, including enforcing phishing-resistant authentication using Okta FastPass, requiring re-authentication for privileged app access and more. Organizations using Okta should carefully review the steps Okta has listed to provide optimal protection for their networks.

SonicWall Blog

Why Firewall Throughput Numbers Don’t Tell the Whole Story – Tiju Cherian

Elevate Your Network with The Ultimate 3 & Free Promotion – Michelle Ragusa-McBain

Why Education is the New Cybercrime Epicenter – Amber Wolff

How SonicWall Offers High Availability at the Lowest Price – Tiju Cherian

Cryptojacking Continues Crushing Records – Amber Wolff

Why Should You Choose SonicWall’s NSsp Firewalls? – Tiju Cherian

Utilize APIs to Scale Your MySonicWall Operation – Chandan Kumar Singh

First-Half 2023 Threat Intelligence: Tracking Cybercriminals Into the Shadows – Amber Wolff

If It’s Easy, It’s TZ – Tiju Cherian

Sonic Boom: Getting to Know the New SonicWall – Michelle Ragusa-McBain

SonicWall’s Traci McCulley Orr Honored as a Talent100 Leader – Bret Fitzgerald

3 & Free Promotion: How to Upgrade to a Gen 7 NSsp Firewall for Free – Michelle Ragusa-McBain

Monthly Firewall Services Option for Simplicity and Scalability – Sorosh Faqiri

Jordan Riddles
Copywriter | SonicWall
Jordan Riddles is a Copywriter for SonicWall. Prior to joining the SonicWall team, he was an editor and copywriter for a publishing house as well as a poetry journal. Jordan is a graduate of Northeastern State University in Tahlequah, Oklahoma. In his spare time, he enjoys cooking, reading and disc golfing.