SonicWall's weekly Cybersecurity News and Trends.

Cybersecurity News & Trends – 10-14-22

By

SonicWall curates important news stories and trends that’s affecting our security. It’s Cybersecurity Awareness Week. Stay safe!

In this week’s roundup, SonicWall held a solid global appearance in several leading industry and business journals with new mentions of our Cyber Threat Reports and the 2022 SonicWall Threat Mindset Survey.

In Industry News, there were so many events that we set aside the “big read” because it’s all a big read. Earlier this week, a dozen or more websites operated by US airports were taken down by the Russian hacker gang known as KillNet, according to Washington Post and Reuters. The CISA is keeping an eye on email servers, a known weakness in the nation’s cybersecurity. SecurityWeek and Dark Reading pulled together reports on a hack of Intel’s latest chip development, the Alder Lake BIOS project. The GAO issued a report critical of cybersecurity coordination among the nation’s law enforcement agencies. Bleeping Computer reported a story that almost seems quaint in the age of record-breaking ransomware. A judge in Puerto Rico sentenced a former college student to 13 months of imprisonment for cyberstalking and hacking the social media accounts of more than 100 students (most were female). Krebs on Security reported on an investigation by a US Senator that some US banks are stiffing victims of account takeovers. And finally, the Kaspersky blog published the results of an eye-opening survey of SMBs that shows (among other things) that only 39% have an IT disaster recovery plan.

It’s Cybersecurity Awareness Month. Keep an eye on the SonicWall blog for updates and remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

How High Touch Technologies Renewed Their Cyber Insurance Policy

Security Boulevard, SonicWall in the News: The massive spike in ransomware attacks in 2021 – up 105% worldwide, according to SonicWall – left cyber insurance companies facing an exponential increase in claims at the end of last year. In response, insurers tightened their requirements this year, releasing a long list of specific conditions companies now need to meet in order to qualify for a policy.

For Most Companies’ Ransomware Is the Scariest of All Cyberattacks

HelpNetSecurity, SonicWall in the News: SonicWall released the 2022 SonicWall Threat Mindset Survey which found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

Ingram Micro Ties Up with SonicWall to Expand Their Security Services

CRN (India), SonicWall in the News: SonicWall has designed its MSSP Program to offer a broad suite of cyber defense tools and capabilities to extend end-to-end network security. Ingram Micro will distribute all SonicWall products through its extensive partner network across India, Bangladesh, Bhutan, Maldives, Nepal and Sri Lanka.

Cybercriminals Are Having It Easy with Phishing-as-a-Service

HelpNetSecurity, SonicWall in the News: In this interview for Help Net Security, Immanuel Chavoya, Threat Detection Expert at SonicWall, talks about phishing-as-a-service (PaaS), the risks it can pose to organization, and what to do to tackle this threat.

SonicWall Survey: Vast Majority of Customers Most Worried About Ransomware

Channel Futures, SonicWall in the News: The 2022 SonicWall Threat Mindset Survey found two-thirds (66%) of customers are more concerned about cyberattacks in 2022. In addition, the SonicWall survey shows ransomware leads the distress, as 91% of all customers cited it as their biggest concern. Phishing and spear-phishing (76%), as well as encrypted malware (66%), comprised the top three concerns.

Can MSPs get cyber security ‘right’ for SMEs?

Microscope, SonicWall in the News: Terry Greer-King, vice-president for EMEA and APJ at SonicWall, says the biggest thing MSPs can do for SME customers is to simplify it. “Most people in security see the complexity of it, but an SME needs to be protected from the complexity,” he says. The main point is to ensure the SME is protected “at all levels”, says Greer-King, but MSPs “can typically get too into the weeds, particularly towards the trend of increasingly complex breaches and growing expertise from bad actors.”

New cryptojacking campaign exploits OneDrive vulnerability

CSO Online. SonicWall in the News: Cryptojacking cases rose by 30% to 66.7 million in the first half of 2022, up 30% over the first half of 2021, according to the 2022 SonicWall Cyber Threat Report. The financial sector witnessed a 269% increase in cryptojacking attacks, according to the report.

Study Shows 91% Of Organizations Fear Ransomware Attacks

Technology Magazine, SonicWall in the News: Amid an economic downturn, staffing shortages and endless cyberattacks, financially motivated attacks are the top concern among IT professionals.

SonicWall Backs Cybersecurity Awareness Month, Places Emphasis on Empowering People

M2, SonicWall in the News: This year’s theme – ‘See Yourself in Cyber’ – demonstrates that while cybersecurity may seem like a complex subject, ultimately, it’s really all about people.

Lapsus$ Hit Uber

Cyber Security Intelligence, SonicWall in the News: SonicWall’s mid-year threat report found that malware rose by 2.8 billion globally in the last year. Other findings include encrypted threats has 132% increase to 4.8 billion; finance sector experiences the highest IoT malware attempts up 151%; and IoT Malware is up 134% in the UK and 228% in the US.

The Growing Cybersecurity Threats Facing Retailers

TechMonitor, James Musk Interview: Tech Monitor news editor Matthew Gooding spoke to James Musk, UK sales director at SonicWall, about the company’s research into the types of attacks being used against retailers. They also discuss what businesses can do to protect themselves, and how they can ensure staff are vigilant when it comes to spotting potential cyber breaches.

Industry News

US Airport Websites Hacked, TSA Issues New Cybersecurity Requirements

According to several news outlets, hackers briefly took down websites owned by several major US airports on Monday after a pro-Russian hacker group called for them to be hacked. The websites fell to a series of DDoS (distributed denial of service) attacks. Several airports were targeted, including Chicago, Los Angeles, Atlanta, New York and possibly a dozen more. According to Washington Post, a pro-Russian group called KillNet claimed responsibility. However, they also reported there was no disruption to the operation of the airports, and the attacks only affected public-facing web interfaces dedicated to public information such as flights and services. The follow-up to that attack came a few days later, according to Reuters when the Transportation Security Administration (TSA) said it plans to issue new cybersecurity requirements for some critical aviation systems. While all news reports indicate that hackers did not disrupt airport operations, TSA noted that it previously “updated its aviation security programs to require airport and airline operators designate a cybersecurity coordinator and report cybersecurity incidents, conduct a cybersecurity assessment, and develop remediation measures and incident response plans.”

CISA: Email Servers are Vulnerable

Hackers are attracted to email servers because they contain a wealth of information about employees and their work, as well as attachments and messages that hackers can use to access data. An attacker could use hacked email systems to gain access to an organization’s network to steal data or spy on them. CISA (Cybersecurity and Infrastructure Security Agency) reported last week that hackers accessed a defense contractor’s network through Microsoft Exchange vulnerabilities. The report doesn’t reveal how the hackers got into the network or whether they did any other damage. However, at least one attacker compromised the administrator account and worked from there. The CISA letter was unclear whether these breaches resulted from zero-day vulnerabilities reported earlier. Researchers say that attackers were unnoticed by the victim’s system for several months.

Intel Chip Source Code Cracked?

Intel has confirmed that some of its UEFI source code was leaked, according to SecurityWeek. Someone with a Twitter account made the announcement that about 6 Gb of source code for the Alder Lake BIOS (Intel’s codename for its 12th generation Core processors) had been made public on GitHub and other websites. Intel blamed the leak on an unnamed third party, adding that the company “does not believe this exposes, or creates, any new security vulnerabilities as we do not rely on obfuscation of information as a security measure.” But experts interviewed by Dark Reading disagree. Researcher Mark Ermolov noted, “A very bad thing happened: now, the Intel Boot Guard on the vendor’s platforms can no longer be trusted.” In addition, the researchers at Hardened Vault pointed out the code could be particularly useful for malicious actors who want to reverse engineer the code to find vulnerabilities.

US Agency is Critical of Cybersecurity Coordination for Law Enforcement

Many countries’ law enforcement agencies are more aware of the growing ransomware attacks on local and regional government departments. But agencies often don’t coordinate their work, making tracking attacks difficult. The Government Accountability Office recently reported the same problem in the United States. According to the report, the FBI, Secret Service, and Cybersecurity and Infrastructure Security Agency offer help but lack detailed information sharing and analysis procedures, cybersecurity review and assessment, and incident response.

Student Jailed for Hacking Female Classmates’ Email, Snapchat Accounts

From Bleeping Computer, a judge in Puerto Rico sentenced an ex-student of the University of Puerto Rico (UPR) to 13 months’ imprisonment for hacking into the accounts of 12 female colleagues via Snapchat and email. Ivan Santell-Velazquez pleaded guilty to cyberstalking and admitted having targeted more than 100 students. US Attorney Muldrow stated that “this individual engaged in phishing, spoofing strategies to steal information.” Santell-Valazquez not only targeted dozens of student email addresses but also hacked into several university email accounts to collect personal information through phishing and spoofing attacks.

Between 2019 and 2021, he hacked the Snapchat accounts of several female students and stole nude images. These photos were later shared with others and ended up online. At least in one case, he used nude images stolen from the victim’s Snapchat account to harass her through text messages. The suspect also shared the stolen images on Twitter and Facebook.

Are US Banks Stiffing Account Takeover Victims?

US financial institutions have a legal obligation to stop illegal transactions if US customers have their online banking accounts stolen and plundered by hackers. New data this week shows that account takeover victims at some of the country’s biggest banks are more common than ever but that some of the largest banks are not reimbursing victims as expected.

According to Krebs on Security, Sen. Elizabeth Warren opened an investigation into fraud linked to Zelle, a “peer-to-peer” digital payment service that allows customers to send money quickly to their friends and families. Sen. Warren reports that “overall, the three banks that provided complete data sets reported 35,848 cases of scams, involving over $25.9 million of payments in 2021 and the first half of 2022.” The report continues, “In the vast majority of these cases, the banks did not repay the customers that reported being scammed. Overall these three banks reported repaying customers in only 3,473 cases (representing nearly 10% of scam claims) and repaid only $2.9 million.”

Cyber-Resilience During a Crisis

Now that we have years of experience dealing with year-over-year record malware and ransomware attacks, how well are small and medium businesses staying cyber-prepared? Kaspersky dove into the thick of it with a revealing survey of 1,300 decision-makers and business owners in small and medium-sized businesses in 13 countries.

One of the big numbers that caught our eye: only 39% of respondents indicated they had an IT disaster recovery plan. Another one? A shocking 31% of companies said they would consider using pirated software to save money in times of crisis. Another eye-opener stat: if hit by a crisis, companies must rely on IT functions to keep transactions moving, secure customer data, and connect suppliers with a business. However, just 31% of business managers or owners say they are confident they could keep their IT and information security functions stable if they had to cut costs on IT.

In Case You Missed It

Think Before You Click: Spotting and Stopping a Phish – Amber Wolff

National Cybersecurity Awareness Month Spotlights the Role of Individuals in Stopping Attacks – Amber Wolff

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi

SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Cybersecurity and the Metaverse: Virtual and Real Threats – Ray Wyman

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Vote for SonicWall in Computing Security Awards 2022 – Bret Fitzgerald

SonicWall Earns 2022 CRN Annual Report Card (ARC) Honor – Bret Fitzgerald

SonicWall Capture ATP Earns 100% ICSA Threat Detection Rating for Sixth Straight Quarter – Amber Wolff

Ten Cybersecurity Books for Your Late Summer Reading List – Amber Wolff

CoinDesk TV Covers Cryptojacking with Bill Conner – Bret Fitzgerald

First-Half 2022 Threat Intelligence: Geopolitical Forces Rapidly Reshaping Cyber Frontlines – Amber Wolff

2022 CRN Rising Female Star – Bret Fitzgerald

Enhance Security and Control Access to Critical Assets with Network Segmentation – Ajay Uggirala

Three Keys to Modern Cyberdefense: Affordability, Availability, Efficacy – Amber Wolff

BEC Attacks: Can You Stop the Imposters in Your Inbox? – Ken Dang

Cybersecurity in the Fifth Industrial Revolution – Ray Wyman

SonicWall Staff