This week, SonicWall CEO Bill Conner is recognized with a Top Executive accolade from CRN, it’s a tough week for major global retailers impacted by data breaches and cybersecurity concerns aboard the International Space Station.

SonicWall Spotlight

The Top 25 Enterprise IT Innovators Of 2019 – CRN

• SonicWall CEO Bill Conner is listed as one of the 25 Most Innovative Executives, “always two steps ahead of the competition,” part of CRN’s Top 100 Executives Of 2019 list.

Ransomware Today: Everything You Need to Know to Protect Your Business – Infoblox Threattalk (podcast)

• Infoblox’s podcast discusses the evolving rate of ransomware attacks and what organizations need to do to decrease the likelihood of a ransomware attack, referring to the 2019 Sonicwall Cyber Threat Report data that ransomware attacks have grown per customer at a rate of 11% year on year.

Four Signs the U.S Government Is Becoming More Aggressive With Cybersecurity – Law.com

• With the NSA launching the Cybersecurity Directorate in October, Law.com argue that we are entering an era of more aggressive cybersecurity, quoting SonicWall CEO Bill Conner on the need for public and private sectors to share data.

Cybersecurity News

Hacker Threatened Shooting at Social Media Company, U.S. Says – Bloomberg

• The Seattle woman accused of a massive hack of personal and financial data from Capital One Financial Corp. threatened to shoot up an unnamed California social media company, according to court records.

Data Breach Can Cost About $3.2 Million. So What Has Your Business Done to Protect Important Data? – The Philadelphia Inquirer

• Two recent studies have found that over half of small and medium-sized companies are not prepared for a cyberattack, despite the cost of a data breach having risen 12% over the last five years and now averaging $3.92 million per business.

Cybersecurity Officials Warn State and Local Agencies (Again) to Fend off Ransomware – Ars Technica

• As Louisiana was declaring a cybersecurity state of emergency, Baltimore was approving $10 million in spending to recover from its own nearly month-long ransomware related IT outage. Reacting to these and other incidents, several US government departments, CISA, MS-ISAC, NGA & NASCIO, have issued a joint statement for state, local, territorial and tribal government partners recommending immediate action to safeguard against ransomware attacks.

Sephora Data Breach Hits Southeast Asia and ANZ Customers – ZDNet

• Some personal information such as first and last name, date of birth, gender, email address, and encrypted password, as well as data related to beauty preferences may have been exposed.

5 Experimental Cybersecurity Trends Your Business Needs to Know About – Tech Republic

• Disinformation defense, open source security, zero-knowledge proofs, homomorphic encryption and blockchain security – five experimental cybersecurity trends Tech Republic speculate are increasingly becoming more important.

New Mirai Botnet Lurks in the Tor Network to Stay Under the Radar – ZDNet

• A new, Mirai based, Internet of Things botnet has been found hiding online, launching itself from the Tor network in an effort to prevent takedowns. While this is not the first time that malware has attempted to anonymize itself and become more difficult to combat by using Tor, some experts think this may be a “possible precedent” setting case.

And Finally

Cybersecurity test on ISS – Phys.org

• Space, the cybersecurity frontier. Experiments are being carried out to improve cybersecurity on the International Space Station.

In Case You Missed It

• Inside the Capital One Data Breach: What Went Wrong – Agasthiamani Sankaran
• Black Hat USA 2019: SonicWall Heads to Vegas – Geoff Blaine
• Wind River VxWorks and URGENT/11: Patch Now – John Gmuender
• Mid-Year Update: 2019 SonicWall Cyber Threat Report – Geoff Blaine
• 5 Best Practices for Fast, Secure Wi-Fi on K-12 Campuses – Srudi Dineshan

This week, SonicWall CEO Bill Conner is included on a coolest CEO list and we have a special look at what people are saying about the growth of AI in the cybersecurity arena.

SonicWall Spotlight

The 11 Coolest Endpoint Security CEOs of 2019 – Solutions Review

• SonicWall CEO Bill Conner is named one of Solutions Review’s top 11 coolest Endpoint Security CEOs, recognizing CEOs who bring “their own unique blend of experience and expertise to their endpoint security companies.”

SonicWall on Youtube

• Did you know that SonicWall has an official channel on YouTube? We update it with all sorts of content, such as technical support videos, SonicWall product news, unboxing videos and more. You can follow us for updates here.

Sonicwall’s Roadshow Guides Customers and Channel Partners Address Network Security Issues – SME Channels (India)

• SonicWall’s Debasish Mukherjee is quoted talking at the SonicWall roadshow at Mumbai And Delhi.

Cybersecurity News

Why AI is the Future of Cybersecurity – Forbes

• Forbes digs into the figures available in a new report titled “Reinventing Cybersecurity with Artificial Intelligence” to see who is, and who is not, using AI in cybersecurity research. They conclude that with 69% of enterprises polled believing AI will be necessary to counter cyberattacks AI is going to be the future, one way or another.

AI Has a Bias Problem and That Can Be a Big Challenge in Cybersecurity – CNBC

• If AI is the future of cybersecurity, then what can be done about its inherent bias problems? CNBC investigates how bias is found in the program, the data and the people who design the AI systems.

Researchers Easily Trick Cylance’s AI-Based Antivirus Into Thinking Malware Is ‘Goodware’ – Motherboard

• Researchers in Australia say they have found a way of subverting Cylance’s AI-based antivirus into thinking malware, including the high-profile ransomware like Wannacry, is “goodware.” The relatively simple method involves taking strings from a non-malicious file and appending them to a malicious one, tricking the system into thinking the malicious file is benign.

Debunking the Myths of AI Cybersecurity – ITProPortal

• ITProPortal look at four AI cybersecurity myths and explain why they are either incorrect or overblown.

What Kind of Cybersecurity Threats Does 5G Pose? – Silicon Republic

• Huawei are currently global leaders in 5G infrastructure but with concerns in the USA, now spreading to the UK, over whether or not the company is sufficiently independent from the government of China, could threats in 5G infrastructure be like finding a needle in a haystack?

Cyberattacks Inflict Deep Harm at Technology-Rich Schools – New York Times

• Schools are becoming ever-more attractive targets for cybercriminals as a school will hold a wealth of personal information on its students and provides critical public services. The Washington Times investigates the increase in cyberattacks on schools and how the FBI can only do so much when an attack is successful.

And finally:

FBI Shares Master Decryption Keys for Prolific GandCrab Ransomware – Washington Times

• The jig appears to finally be up for the Gandcrab ransomware group after master decryption keys were made public by the FBI. The group appears to have known this was coming and had ended its criminal “affiliate program” after claiming that the program had generated over $2 billion in ransom payments.

In Case You Missed It

• 5 Best Practices for Fast, Secure Wi-Fi on K-12 Campuses – Srudi Dineshan
• Switch to SonicWall: 8 Reasons to Trade In Your Old Firewall – Bob Vankirk
• AI, Threat Intelligence and The Cyber Arms Race: SonicWall CEO Bill Conner Joins Chertoff Group Security Series Event – John Lynch
• Defending Endpoints from Fast, Ferocious Ransomware Attacks – Brook Chelmo
• SonicWall, ADT Ink Partnership to Offer Managed Cybersecurity Solutions to SMBs – David Chamberlin

This week, SonicWall data continues to drive innovation in the cybersecurity space, the biggest cybersecurity crises of 2019 so far, and FireEye reconsiders its choice of keynote speaker for this year’s Cyber Defense Summit following online backlash.

SonicWall Spotlight

Three-Tiered Security for the Internet of Things – Engineering.com

• Galvanized by data from the 2019 annual SonicWall Cyber Threat Report, which shows a rapid increase in Internet of Things (IoT) attacks, cybersecurity researchers are doubling down on efforts to improve security in IoT by tackling vulnerabilities in microcontroller units (MCUs). Avnet and Microsoft have partnered in one such effort, designing the infrastructure of hardware along with its software and cloud-ecosystem to deliver Azure Sphere.

SonicWall TZ300P Review: A Multi-Site Marvel – IT Pro

• IT Pro reviews the SonicWall TZ300P, a versatile and affordable firewall, built with SMBs and remote offices in mind. The commendatory review concludes that the TZ300P delivers a “wealth of security measures at a great price.”

Cybersecurity News

The Biggest Cybersecurity Crises of 2019 So Far – Wired

• From the Perceptics breach to LockerGoga to supply chain attacks on Microsoft and Asus, Wired provides an overview of the biggest cyberattacks reported in the first half of the year.

Hillary Clinton Withdraws From Cybersecurity Conference Speaking Gig, Citing ‘Unforeseen Circumstance’ – The Epoch Times

• Following online backlash to a controversial keynote speaker announcement for this year’s FireEye Cyber Defense Summit, FireEye has announced in an email this week that Hillary Clinton will no longer be participating in this year’s conference as the keynote speaker citing “unforeseen circumstance.”

Hackers in Md. Breach Accessed Names, Social Security Numbers of up to 78,000 People – The Washington Post

• A labor department breach in Maryland has resulted in the exposure of names and Social Security numbers belonging to as many as 78,000 people who received unemployment in 2012 or who sought a general equivalency diploma in recent years.

Confirmed: 2 Billion Records Exposed In Massive Smart Home Device Breach – Forbes

• Researchers from vpnMentor have uncovered a database housing more than 2 billion logs containing everything from user passwords to account reset codes and even a “smart” camera recorded conversation. The database, belonging to Chinese company Orvibo, was not password protected.

US Border Agency Cuts Ties with Breached Surveillance Contractor – The Verge

• US Customs and Border Protection has suspended all federal contracts with Perceptics, a surveillance contractor suspected of suffering a data breach first reported in May.

And finally:

WannaLocker Ransomware Found Combined with RAT and Banking Trojan – SC Magazine

• Researchers are warning that a new version of WannaLocker – essentially a mobile derivative of WannaCry ransomware – has been enhanced with spyware, remote access trojan and banking trojan capabilities.

In Case You Missed It

• Switch to SonicWall: 8 Reasons to Trade In Your Old Firewall – Bob VanKirk
• AI, Threat Intelligence and The Cyber Arms Race: SonicWall CEO Bill Conner Joins Chertoff Group Security Series Event – John Lynch
• Defending Endpoints from Fast, Ferocious Ransomware Attacks – Brook Chelmo
• SonicWall, ADT Ink Partnership to Offer Managed Cybersecurity Solutions to SMBs – David Chamberlin
• The E-rate ‘Fear Less’ Solution – SonicWall Staff

This week, it’s National Selfie Day, Facebook launches its cryptocurrency, and, as predicted by SonicWall, ransomware is all over the news.

SonicWall Spotlight

National Selfie Day

• June 21 is National Selfie Day and SonicWall staff around the world are taking part! Can you name all the locations?

Innovation Will Sharpen America’s Tech Edge, Federal Officials Say – NextGov

• SonicWall CEO Bill Conner appeared at a Chertoff Group Security Series Event this week. Next Gov quotes his insight as they cover the full discussion between him, Christopher Krebs, director of the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency, and Dimitri Kusnezov, Deputy Under Secretary for Artificial Intelligence & Technology, Department of Energy.

Latest Attack From TrickBot Malware Family Identified: SonicWall – CRN (India)

• CRN follow up on the SonicWall Capture Labs Threat Research Team’s identification of a new variant of Trickbot malware. The modular structure on this malware allows it to freely add new functionalities without modifying the core bot. This story was also covered in Var India, DataQuest, NCN Online, Tech Herald, and CSO Forum.

Cyber Security News

U.S. Lawmaker Calls for Facebook to Pause Cryptocurrency Project – Reuters

• Amid comments that Facebook is “already too big and too powerful,” House Representative Maxine Waters is calling for Facebook to halt development on the Libra cryptocurrency until Congress and regulators can review the issue.

Hit by Ransomware Attack, Florida City Agrees to Pay Hackers – New York Times

• The City Council of Riviera Beach unanimously agrees to have its insurance carrier pay 65 Bitcoin, about $592,000, to hackers after the city systems were caught by a ransomware attack three weeks previously.

Is AI Fundamental to the Future of Cybersecurity? – CSO Online

• While traditional cybersecurity tools require some level of human interaction to keep them running and up-to date, CSO Online investigate the development and advancement of AI which may be able to develop and improve with little to no human involvement. They also predict that passwords will become obsolete if AI proves to be the more secure option.

U.S. Cities Are Under Attack From Ransomware — and It’s Going to Get Much Worse – Vice News

• With Atlanta, Baltimore, and many smaller cities getting hurt by ransomware, Vice argues that ransomware attacks appear to be spiking right now due to increased focus on government targeting, and just how easy launching an attack has become.

Inside the FBI’s Fight Against Cybercrime – Dark Reading

• Dark Reading conducts an interview with a member of one of the small FBI teams that are dedicated to fighting cybercrime. The agent discusses the difficulties of being heavily outnumbered by criminal actors, but also the surprisingly high level of successes that they have achieved – including defeating the massive Mirai DDoS-for-hire attacks

Desjardins, Canada’s Largest Credit Union, Announces Security Breach – ZDNet

• Canada’s largest credit union announces that 2.9 million members had customer data – including names, date of birth, social insurance number, addresses and more – taken from its database by a now ex-employee. The Credit Union is currently working with law enforcement to investigate the breach.

Maryland Governor Signs Order to Boost Cybersecurity After Baltimore Ransomware Attack – The Hill

• Responding to Baltimore’s recent ransomware woes, Maryland Governor Larry Hogan signs an executive order establishing the “Maryland Cyber Defense Initiative” and creating a Chief Information Security Officer who will be charged with giving cybersecurity recommendations to the governor.

In Case You Missed It

• Defending Endpoints from Fast, Ferocious Ransomware Attacks – Brook Chelmo
• SonicWall, ADT Ink Partnership to Offer Managed Cybersecurity Solutions to SMBs – David Chamberlin
• The E-rate ‘Fear Less’ Solution – SonicWall Staff
• Navigating the E-rate Program: Forms, Filling Cycles & Rules – SonicWall Staff
• An Explanation of E-rate: How to Cost-Effectively Protect K12 Networks – SonicWall Staff
• Inside the Modern Phishing Campaigns of 2019 – Ganesh Umapathy

This week, there’s a new cybersecurity power couple as SonicWall and ADT announce a strategic partnership to protect SMBs, U.S. cities face a ransomware pandemic and the ‘invisible web’ is growing rapidly.

SonicWall Spotlight

ADT Selects SonicWall as Exclusive Provider of Managed Cybersecurity Service Offerings for SMBs – SonicWall

• SonicWall and ADT announce a strategic partnership that provides an exclusive cybersecurity offering to better protect small- and medium-sized businesses (SMB) from the growing volume of cyberattacks.

ADT Teams Up with SonicWall for SMB Security Services – Dark Reading

• SonicWall CEO Bill Conner explains why SonicWall was the logical choice for a new cybersecurity offering from ADT, a company best known or delivering physical security monitoring. The connection between the two companies dates back to ADT’s acquisition of Secure Designs, Inc (SDI), formerly an MSSP selling SonicWall SMB security products.

Cyber Security News

Hackers Won’t Let Up in Their Attack on U.S. Cities – The Wall Street Journal

• As Baltimore is still recovering a month after a devastating ransomware attack crippled the city’s infrastructure, the FBI is warning that this is not an isolated incident, calling the growing levels of ransomware attacks a “pandemic in the United States”.

Cyber-Thieves Turn to ‘Invisible Net’ to Set Up Attacks – BBC News

• Gated chat forums, invitation-only communities and encrypted apps are the new communication channels of choice for cybercriminals to evade law enforcement agencies.

Hackers Steal $9.5 Million from GateHub Cryptocurrency Wallets – ZD Net

• GateHub has released a preliminary statement confirming a security breach that has resulted in nearly $9.5 million stolen from the users of their cryptocurrency wallet service.

Hacking Diabetes: People Break into Insulin Pumps as an Alternative to Delayed Innovations – USA Today

• Diabetes patients are jailbreaking their own insulin pumps, using instructions found online, in order to give their pumps the ability to self-adjust and remove the need for constant blood sugar monitoring.

LabCorp Data Breach Exposes Information of 7.7 Million Consumers – USA Today

• A day after Quest Diagnostics announced 12 million patients were affected by a data breach, another medical testing company says its patients’ data was also compromised.

Hackers Can Now Bypass Two-Factor Authentication With a New Kind of Phishing Scam – Fortune

• Two-factor authentication, the added security step that requires people enter a code sent to their phone or email, has traditionally worked to keep usernames and passwords safe from phishing attacks.

Baltimore Ransomware Attack: NSA Faces Questions – BBC

• After a ransomware attack currently estimated to cost at least $18M Baltimore officials are questioning why the hacking vulnerability known as EternalBlue was not disclosed when discovered by the NSA years ago. The NSA are declining to comment on the issue.

New Zealand Budget Leak: ‘Hackers’ Had Simply Searched Treasury Website – The Guardian

• After the embargoed New Zealand budget was leaked to the opposition National Party days before it was due to be released, officials were quick to call it a hack. However, it has now been found that the documents were searchable on the New Zealand treasury website.

HawkEye Malware Campaign Upticks on Business Users – SC Magazine

• Hawkeye, a keylogger than has been around for six years, has seen a major increase in a campaign targeting business users worldwide.

Startups: Embrace Cybersecurity Priorities From Day One – Forbes

• Forbes argues that cybersecurity in startups should not be considered an add-on or a luxury product and provide four cybersecurity priorities that a startup needs to think about from day one.

Emotet Made up 61% of Malicious Payloads in Q1 – Dark Reading

• A new study has found that 61% of all malware payloads in the first quarter of 2019 contained the Emotet botnet.

Security Expert: Here’s How Driverless Cars Could Be Hacked – Yahoo! Finance

• As cars modernize and driverless cars are becoming a reality it is fair to say that they are becoming more and more like a series of interconnected computers. Yahoo! Finance looks at where the security weakpoint in these computers might be found, how it could be targeted by hackers, and how the car industry is struggling to keep up with security requirements.

Nation-State Security: Private Sector Necessity – SecurityWeek

• Attackers with the funding and technical support of nation-states are now targeting commercial entities and the obvious split between commercial and political cyberattacks is disappearing. SecurityWeek examine the current threat landscape, including the increasing number of organizations embracing “Zero Trust” security models where all environments are considered untrusted until proven otherwise. They then offer some advice on how to ensure your organization is ready for cyberattacks.

Microsoft Issues Second Warning About Patching BlueKeep as PoC Code Goes Public – ZDNet

• Microsoft again warned users to ensure their patches are up to date to protect against the Bluekeep vulnerability – described as similar to the EternalBlue exploit – after a proof-of-concept attack appeared online. SonicWall provides protection against this threat.

In Case You Missed It

• SonicWall, ADT Ink Partnership to Offer Managed Cybersecurity Solutions to SMBs – David Chamberlin
• Inside the Modern Phishing Campaigns of 2019 – Ganesh Umapathy
• The E-rate ‘Fear Less’ Solution – SonicWall Staff
• Navigating the E-rate Program: Forms, Filling Cycles & Rules – SonicWall Staff
• An Explanation of E-rate: How to Cost-Effectively Protect K12 Networks – SonicWall Staff
• 4 Ways the WhatsApp Exploit Could Use Employees to Infiltrate Your Network – Rob Krug