This week, while remote workers and hospitals alike struggled to adjust to the new realities brought by the COVID-19 pandemic, hackers looked to exploit the upheaval for ill-gotten profit.

---

SonicWall Spotlight

There’s now COVID-19 malware that will wipe your PC and rewrite your MBR – ZDNet

• Amidst the COVID-19 pandemic, some malware authors are releasing coronavirus-themed malware that destroys infected systems by either wiping files or rewriting a computer’s master boot record (MBR). The first of the MBR-rewriters was discovered by security researcher MalwareHunterTeam, as detailed in a report from SonicWall this week.

Cyber Security Threats Loom Large as Employees Work Remotely – The Week

• According to SonicWall’s Capture Labs Threat Research Team, the risks of engaging with any coronavirus app—some of which purport to track infections or point to a vaccine—is very high, as hackers target newly minted remote workers in general, and those concerned about the virus in particular.

SonicWall Research Team Flags off 5 Top Cyberattacks in Times of COVID-19 Pandemic – CXO Today

• The rise in employees working from home due to the COVID-19 pandemic is requiring that businesses provide employees secure access to remote infrastructure, networks and devices—and help safeguard against opportunistic cybercriminals preying on this new pool of remote workers.

---

Cybersecurity News

Marriott International Confirms Data Breach of Guest Information – Intelligent CISO

• Terry Greer-King, VP EMEA at SonicWall, commented on the breach: “The Information Commissioner’s Office’s £99 million fine for Marriott in 2019 for a breach of GDPR was supposed to create much-needed reform on how the company processes and secures data. It appears that certain lessons are yet to be learned.”

Cyber Version of ‘Justice League’ Launches to Fight COVID-19 Related Hacks – Dark Reading

• A group of cybersecurity experts from around the world—including from companies like Microsoft and Okta—have teamed to help organizations fight COVID-19-related hacking and phishing attacks, Dark Reading reports.

Hackers ‘Without Conscience’ Demand Ransom from Health Providers – Bloomberg

• Bloomberg’s Ryan Gallagher reports on threats targeting the healthcare industry as healthcare providers deal with the massive influx of patients afflicted with COVID-19. Experts around the world are warning that hackers could keep doctors from vital patient data by encrypting records.

FBI warns Zoom, teleconference meetings vulnerable to hijacking – Cyberscoop

• The warning comes after reports that Zoom—which is also under fire for leaking personal information to strangers and illegally selling user data to Facebook—isn’t securing communications as advertised.

Tech Giants Prepared for 2016-Style Meddling. But the Threat Has Changed. – The Wall Street Journal

• The chairman of Huawei Technologies warned the U.S. to expect countermeasures from the Chinese government if it further restricts the technology giant’s access to suppliers, as the company’s profit last year grew at the slowest pace in three years.

Banking Malware Spreading via COVID-19 Relief Payment Phishing – Bleeping Computer

• The Zeus Sphinx banking Trojan has recently resurfaced after a three years hiatus as part of a coronavirus-themed phishing campaign, one of many launched as hackers race to take advantage of the current pandemic.

FBI re-sends alert about supply chain attacks for the third time in three months – ZDNet

• The FBI says a group state-sponsored hackers are now targeting the healthcare industry, which is currently grappling with the COVID-19 outbreak.

---

In Case You Missed It

• Securing SaaS: Protect More, Manage Less – Vishnu Chandra Pandey
• How to Simplify Endpoint Security – Vishnu Chandra Pandey
• How to Protect Your Business During a Global Health Crisis – Agasthiamani Sankaran
• Strength in Numbers: SonicWall Named New Member of Cyber Threat Alliance – Lindsey Lockhart
• SonicWall Wins Best UTM Security Solution at SC Awards 2020 – Geoff Blaine
• Catapult the Wi-Fi User Experience: Fast, Secure & Easy to Manage – Srudi Dineshan

This week, coronavirus changes the cybersecurity landscape, and SonicWall examines how to expand your remote workforce.

---

SonicWall Spotlight

How to Protect Your Business During a Global Health Crisis – SonicWall Blog

• As the world works to stop the spread of coronavirus (COVID-19), IT organizations everywhere are adjusting to the technology and security challenges faced due to the sudden need to support a fully remote workforce. SonicWall presents the best practices for expanding your remote workforce, securely.

Threats Across the World: Lessons from Three Years of Threat Reporting – CBR Online

• SonicWall’s Terry-Grear King details the changing cyber threat landscape over the past three years, concluding that the only viable solution to ever changing threats is ever changing defensive measures and constant vigilance.

Here’s What to Look for in a Work-From-Home VPN – Fortune

• SonicWall CEO Bill Conner talks to Fortune about the recent scramble for VPN offerings as they examine what to look for in a VPN if you need to work from home in the current climate.

Don’t Forget Viruses, the Computer Kind – The New Stack

• With so much news airtime dedicated to the spread of coronavirus, New Stack reminds readers that viruses of the computer kind have not gone away, referring to malware figures from the SonicWall 2020 Cyber Threat Report to do so.

Review: Small Businesses Get Big Protection With SonicWall Cloud App Security – Biz Tech Magazine

• SonicWall’s Cloud App Security gets a spin by Biz Tech Magazine who consider it simple enough for non-tech pros to set up and use while also proactive in finding and preventing malware propagation across the cloud.

---

Cybersecurity News

Thousands of COVID-19 Scam and Malware Sites are Being Created on a Daily Basis – ZDNet

• As several SonicWall SonicAlerts have detailed, cybercriminals have wasted no time in taking advantage of the COVID-19 crisis, creating thousands of scam and malware sites on a daily basis. According to one researcher 3,600 new domains that contain the “coronavirus” term were created between March 14 and March 18.

DDoS Attack Trends Reveal Stronger Shift to IoT, Mobile – Dark Reading

• Distributed denial-of-service (DDoS) attacks remain a popular attack vector but new research is finding that that cybercriminals are increasingly turning to mobile and Internet of Things (IoT) technologies to launch their campaigns. With the growth of 5G researchers anticipate attackers will continue to find ways to leverage the IoT to launch these attacks.

Senator Calls for Cybersecurity Review at Health Agencies After Hacking Incident – The Hill

• Following an attempted hack of the Department of Health and Human Services, at a time when it is under great strain, Senator Michael Bennet of Colorado calls for health agencies to allow the Cybersecurity and Infrastructure Security Agency (CISA) to complete a full cybersecurity review of their systems.

France Warns of new Ransomware Gang Targeting Local Governments – ZDNet

• France’s cybersecurity agency, CERT, has issued an alert warning of a new active ransomware gang using a new version of the Mespinoza ransomware strain. The gang has been detected actively targeting local government systems, with the agency receiving reports of multiple infections.

And Finally

Skimming Code Battle on NutriBullet Website may Have Risked Customer Credit Card Data – ZDNet

• A tough week around the world or not, nothing stops Magecart gangs from chalking up another victim, this time Nutribullet, who had the card skimming code on their website from mid-February until as late this week.

---

In Case You Missed It

• Strength in Numbers: SonicWall Named New Member of Cyber Threat Alliance – Lindsey Lockhart
• SonicWall Wins Best UTM Security Solution at SC Awards 2020 – Geoff Blaine
• Catapult the Wi-Fi User Experience: Fast, Secure & Easy to Manage – Srudi Dineshan
• SonicWall Firewall Certified via NetSecOPEN Laboratory Testing, Earns Perfect Security Effectiveness Score Against Private CVE Attacks – Ken Dang
• SonicWall Secures 3 Spots on Annual CRN Channel Chief List – Lindsey Lockhart
• 7 Factors to Consider When Evaluating Endpoint Protection Solutions – Vishnu Chandra Pandey

This week, find out what’s coming down the line in the world of channel, a 5G bill is passed by the senate, and ransomware attackers are going after your cloud backups.

---

SonicWall Spotlight

CEO Outlook 2020 Details – CRN

• SonicWall CEO Bill Conner is interviewed by CRN on what the future of channel sales are, where technology investments is going, and where cybersecurity is going in general.

Network Rail and C3UK Suffer Massive Data Exposure Affecting Thousands – Teiss

• After an exposed database was discovered on one of the UK’s biggest public Wi-Fi providers for the rail network, SonicWall’s Terry Greer-King gives his thoughts on the needs and capabilities of protecting consumer data.

Security Vendors Eye MSSPs as Key Route to Landing MSPs – Channel Pro Network

• Over the next few years managed security spending is predicted to rise fast, outstripping other security spending. SonicWall CEO Bill Conner talks to the Channel Pro Network about why forging alliances with the very best Managed Security Providers (MSP) can be a more efficient way to construct a managed security channel than building thousands of MSP relationships individually.

---

Cybersecurity News

UK Cybersecurity Defense Standards Slip, Calls Made for Improvement – Infosecurity Magazine

• New research into cybersecurity performance in the UK vs. the rest of the Europe has found that UK businesses need to further strengthen their defenses against cyberattacks after the UK slipped in Europe wide ratings.

What to Know About Cyberattacks Targeting Energy Pipelines – The Hill

• The Cybersecurity and Infrastructure Security Agency (CISA) discloses a disruptive cyberattack on a U.S. energy facility, confirming reports that critical infrastructure in the US is increasingly coming under cyberattack from abroad.

Senate Passes Bill Requiring 5G Security Review – Wall Street Journal

• The U.S. Senate passes legislation that would require the administration to identify security threats and possible fixes within the equipment and software that support 5G wireless networks.

FBI Working to ‘Burn Down’ Cybercriminals’ Infrastructure – Washington Times

• FBI Director, Christopher Way, says that law enforcement agents are working to “burn down” the infrastructure of cybercriminals. With huge increases in ransomware attacks, much of it due to the relative ease for criminals to launch them, law enforcement agencies are targeting the host websites and toolmakers of the crimes, rather than “one bad guy at a time.”

Ethical Hackers Submitted More Bugs to the Pentagon than Ever Last Year – Cyberscoop

• The Defense Department’s Cyber Crime Center has released its annual report, finding that white hat hackers are submitting more bugs than ever, with a 21.7% increase in submitted reports over the past year when compared to 2017.

Cathay Pacific Fined £500k by UK’s ICO over Data Breach disclosed in 2018 – TechCrunch

• Cathay Pacific has been issued a £500,000 penalty by the UK’s data watchdog for a 2018 data breach which exposed the personal details of 9.4 million customers globally — 111,578 of whom were from the UK.

Ransomware Attackers Use Your Cloud Backups Against You – BleepinComputer

• Ransomware operators are accessing cloud backups of potential victims in order to prevent them from restoring data. The cybercriminals are also using the backups to launch the cyberattacks themselves and to just plain steal personal data.

---

In Case You Missed It

• SonicWall Wins Best UTM Security Solution at SC Awards 2020 – Geoff Blaine
• Catapult the Wi-Fi User Experience: Fast, Secure & Easy to Manage – Srudi Dineshan
• SonicWall Firewall Certified via NetSecOPEN Laboratory Testing, Earns Perfect Security Effectiveness Score Against Private CVE Attacks – Ken Dang
• SonicWall Secures 3 Spots on Annual CRN Channel Chief List – Lindsey Lockhart
• 7 Factors to Consider When Evaluating Endpoint Protection Solutions – Vishnu Chandra Pandey
• Inside Cybercriminal Inc.: SonicWall Exposes New Cyberattack Data, Threat Actor Behaviors in Latest Report – Geoff Blaine

This week, a SonicWall firewall achieves a perfect score in a real-world conditions laboratory test, and airports are getting ahead of the game when it comes to cybersecurity readiness.

---

SonicWall Spotlight

Tip of the Spear – Ping Podcast Episode 13 – Firewalls.com

• SonicWall’s Matt Brennan talks on the latest episode of Ping, Firewalls.com’s podcast. He explains the risks of spearphishing and business email compromise for Office 365 users, and talks about the worst hands-on cybersecurity situation he has ever seen.

SonicWall Firewall Achieves Perfect Effectiveness Score, Tested in Real-World Conditions via NetSecOPEN Laboratory – SonicWall Press Release

• This week SonicWall announced that it is one of the first security vendors to receive firewall certification in the 2020 NetSecOPEN Test Report. The SonicWall NSa 4650 firewall achieved 100% security effectiveness against all private CVEs used in the test.

Facilities Firm ISS World Crippled by Ransomware Attack – ComputerWeekly

• Denmark-based facilities management firm ISS World disconnected from the internet after suffering a suspected ransomware attack that has left hundreds of thousands of employees without access to their systems or email. SonicWall CEO Bill Conner is quoted talking about changing ransomware tactics, as recently reported in the 2020 SonicWall Cyber Threat Report.

---

Cybersecurity News

Anxiety, Depression and PTSD: The Hidden Epidemic of Data Breaches and Cyber Crimes – USA Today

• USA Today explores the psychological effects of cyberattacks, arguing that they can rival those of terrorism. According to a recent survey 86% of victims of identity theft reported feeling worried, angry and frustrated, nearly 70% felt they could not trust others and they felt unsafe, and more than two-thirds reported feelings of powerlessness or helplessness.

Oil Industry Boosts Spending on Cybersecurity Five-Fold Since 2017 – Security Boulevard

• The Oil & Gas sectors have been investing heavily cyber-defenses over the past three years. In a just published global survey of the industry, cybersecurity was cited as the biggest current investment.

US Defense Agency Says Personal Data ‘Compromised’ in 2019 Data Breach – Tech Crunch

• The Defense Information Systems Agency (DISA), charged with providing information technology and communications support to the U.S. government, including the president and other senior officials, says its network may have been compromised between May and July 2019. Full details on the attack or what was accessed have not been released.

Phishing on Instagram Baits Russians With Free Money Promise – Bleeping Computer

• A large-scale phishing campaign has been discovered running on Instagram to bait Russians with a fake presidential decree that promises a lump-sum payment for a citizen to start their own business.

Hacking Brain-Computer Interfaces – ZDNet

• Brain-computer interfaces are still new tech, but it has already been proven that current models can be hacked.

Cybersecurity Check-in: How Airports are Innovating Against Cyberattacks, Security Breaches and Failing Tech Systems – ItProPortal

• Airports are always under the microscope when it comes to security breaches, whether physical or digital. ItProPortal investigates the current cybersecurity innovations taking place at airports and by airlines in general.

---

In Case You Missed It

• SonicWall Firewall Certified via NetSecOPEN Laboratory Testing, Earns Perfect Security Effectiveness Score Against Private CVE Attacks – Ken Dang
• SonicWall Secures 3 Spots on Annual CRN Channel Chief List – Lindsey Lockhart
• 7 Factors to Consider When Evaluating Endpoint Protection Solutions – Vishnu Chandra Pandey
• RSA 2020: SonicWall Returns with Stories from the Cyber Battlefront – Geoff Blaine
• Inside Cybercriminal Inc.: SonicWall Exposes New Cyberattack Data, Threat Actor Behaviors in Latest Report – Geoff Blaine
• Coronavirus Affecting Business as Remote Workforces Expand Beyond Expected Capacity – Agasthiamani Sankaran

This week, the release of the 2020 SonicWall Cyber Threat Report!

---

SonicWall Spotlight

2020 SonicWall Cyber Threat Report: Threat Actors Pivot Toward More Targeted Attacks, Evasive Exploits – SonicWall Press Release

• This week saw the release of the always anticipated yearly SonicWall Cyber Threat Report! Key takeaways include a drop in malware and ransomware attack volumes but an increase in more targeted attacks, a continued rise in encrypted attacks, and a massive fall in cryptojacking.

Inside Cybercriminal Inc.: SonicWall Exposes New Cyberattack Data, Threat Actor Behaviors in Latest Report  – Geoff Blaine

• SonicWall Vice President of Marketing Geoff Blaine digs into the 2020 Cyber Threat Report, laying out and analyzing the data SonicWall’s Cyber Threat Team have found over the past year.

The CyberWire Daily Briefing – Cyberwire

• The SonicWall 2020 Cyber Threat Report is picked up in the CyberWire Daily news report. Other English language coverage include pieces by Politico, SC Magazine, Dark Reading, Tech Republic, Information Age, The Register, Channelnomics, HelpNetSecurity, VMBlog, Blockonomi, Computer Weekly, ChannelWeb and Var India.

Vulnerability in Linear eMerge Access Controllers Exploited in the Wild – SecurityWeek

• SecurityWeek picks up on SonicWall’s recent SonicAlert about a known vulnerability in Nortek Security & Control’s Linear Emerge E3 Access Controller actively being exploited. Despite this vulnerability being raised a year ago and considered critical, no fix has yet been implemented.

---

Cybersecurity News

Kobe Bryant Wallpaper Shows how Hackers Exploit Mourning Fans for Cryptocurrency Mining – The Independent (UK)

• Cybercriminals have been detected attempting to profit from the death of Kobe Bryant by hiding malware within downloadable wallpapers of the basketball star.

Internet of Things: Smart Cities Pick Up the Pace – Financial Times

• As 5G and the Internet of Things go from a future development to a reality, so do smart cities. The Financial Times investigates where smart cites are right now, how deep 5G and IoT penetration currently goes and what they are likely to look like in the future, including the prediction that up to 30% of smart city programs will be abandoned by 2023.

Magecart Group Jumps from Olympic Ticket Website to new Wave of E-Commerce Shops – ZDNet

• Despite recent arrests of a major magecart group, a new wave of the malware has been detected spreading across a Russian hosting provider using a Chinese domain registrar, who suspended the domain when the malware was reported.

Watch Out for Coronavirus Phishing Scams – Wired

• A number of phishing scams have been detected where attackers disseminate malicious links and PDFs that claim to contain information on how to protect yourself from the spread of the Coronavirus. SonicWall’s Cyber Threat team have also detected malicious executables being spread using fears of the virus as bait.

Feds are Lining up More Indictments Related to Chinese Cyber-Activity, Officials say – Cyberscoop

• U.S. prosecutors are preparing to issue new charges against Chinese nationals related to alleged hacking and insider threats at U.S. organizations. U.S. officials have repeatedly accused China of breaking a 2015 agreement not to conduct “cyber-enabled” intellectual property theft and have ramped up pressure by announcing criminal charges against Chinese nationals. Strain over Huawei and the nascent 5G network may bring the whole thing to a head.

---

In Case You Missed It

• Coronavirus Affecting Business as Remote Workforces Expand Beyond Expected Capacity – Agasthiamani Sankaran
• The Worst Cyberattacks and Data Breaches of 2019 – John Lynch
• Bett 2020: SonicWall Showcases Cybersecurity Solutions for Educational Institutions – David Peace
• Spear-Phishing Attacks Targeting Office 365 Users, SaaS Applications – Matt Brennan
• A Hard Study in Ransomware: Education Being Held Hostage – Brook Chelmo
• Smarter Cybersecurity: How SecOps Can Simplify Security Management, Oversight & Real-Time Decision-Making – Ken Dang