Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Bringing Visibility to the Midmarket  Data Breach Today

  • In a video interview with ISMG’s Data Breach Today, SonicWall’s Bill Conner shares his vision to ensure smaller and mid-sized businesses have a clear view of the threat landscape taking aim at their companies. In the video he expands on the SME visibility challenge, SonicWall’s solutions to improve alerts and analytics and how SonicWall is addressing customer cloud security concerns.

Jonesboro Council Tackles Cybersafety  The Clayton News Daily

  • Due to the recent Atlanta data breach, other cities are taking the initiative to bolster their preventative cybersecurity measures such as Georgia’s Jonesboro City Council who recommend SonicWall’s TZ300 Firewall solution to protect the city’s financial data.

SonicAlert: New Variant Family of PUBG Ransomware  SonicWall Security Center

  • The SonicWall Capture Labs Threat Research Team has observed reports of a new variant family of PUBG Ransomware [Pubg.RSM] actively spreading in the wild. PUBG Ransomware encrypts the victim’s files and forces them to play an hour of a game called PlayerUnknown’s Battlegrounds to get their files back.

Cyber Security News

Almost Half UK Businesses Suffered Cyberattack or Security Breach Last Year, Figures Show  The Independent

  • Nearly half the businesses in the UK have fallen victim to cyberattacks or security breaches in the last year, costing them each thousands of pounds, new data shows.

Global Police Just Shut Down World’s Largest Marketplace That Allegedly Disrupted Millions of Sites  The Washington Post

  • An international police operation recently shut down the world’s largest for-hire service that allegedly slowed and disrupted millions of websites using malicious cyber tools, officials said Wednesday.

Traffic Hijack: Users Sent to Phishing Site in Two-Hour Cryptocurrency Heist  ZDNet

  • Attackers on Tuesday pulled off a complex attack using kinks in core internet infrastructure that caused users of an Ethereum wallet developer’s website to be redirected to a phishing site.

Huawei Under Criminal Investigation Over Iran Sanctions  The Wall Street Journal

  • The Justice Department is investigating whether Huawei Technologies Co. violated U.S. sanctions related to Iran, according to people familiar with the matter, opening a new avenue of scrutiny amid wider national-security concerns over the Chinese cellular-electronics giant.

This Ransomware was Rewritten to Mine Cryptocurrency – and Destroy Your Files  ZDNet

  • Some criminals are shifting from ransomware to cryptocurrency miners — those behind XiaoBa have rejigged the code to shift the same malware towards a different focus.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Jonesboro Council Tackles Cybersafety — The Clayton News Daily

  • Due to the recent Atlanta data breach, other cities are taking the initiative to bolster their preventative cybersecurity measures such as Georgia’s Jonesboro City Council who recommend SonicWall’s TZ300 Firewall solution to protect the city’s financial data.

SonicWall Bags the Most Promising Cybersecurity Vendor of the Year Award — InfoSecurity Live

  • In India, SonicWall has been awarded the InfoSecurity Live Editor’s Choice Award for the Most Promising Cybersecurity Vendor of the Year for 2017 through 2018.

SonicAlert: New Variant Family of PUBG Ransomware — SonicWall Security Center

  • The SonicWall Capture Labs Threat Research Team has observed reports of a new variant family of PUBG Ransomware [Pubg.RSM] actively spreading in the wild. PUBG Ransomware encrypts the victim’s files and forces them to play an hour of a game called PlayerUnknown’s Battlegrounds to get their files back.

10 Hot New Cloud Security Products Announced at RSA 2018 — CRN

  • The SonicWall Capture Cloud Platform is featured as the second product to make CRN’s 10 Hot New Cloud Security Products list announced at RSA this week.

20 Hot New Security Products Announced At RSA 2018 — CRN

  • SonicWall’s NSv Virtual Firewall is featured in CRN’s 20 Hot New Security Products listing at RSA 2018.

20 Hot New Security Products Announced At RSA 2018 — CRN

  • The 20 Hot New Security Products list at RSA 2018 also highlights SonicWall’s Capture Client for enabling advanced endpoint security.

EXCLUSIVE: Britain Facing Cyber War as Online Attacks Soar by 300% — Daily Express

  • In an exclusive interview with The Daily Express’ John Ingham, SonicWall President and CEO Bill Conner discusses the 300 percent increase in UK cyber attacks, compared to a 151 percent increase worldwide.

Cyber Security News

Huawei and ZTE Hit Hard as U.S. Moves Against Chinese Tech Firms — The New York Times

  • The United States undercut China’s technology ambitions on Tuesday, advancing a new rule that would limit the ability of Chinese telecommunications companies to sell their products in this country.

This Ransomware was Rewritten to Mine Cryptocurrency – and Destroy Your Files — ZDNet

  • Some criminals are shifting from ransomware to cryptocurrency miners – those behind XiaoBa have rejigged the code to shift the same malware towards a different focus.

Critical Infrastructure Needs Shoring Up After U.S., U.K. Blame Russia for Attacks — SC Magazine

  • The U.S. is prepared to take aggressive action against Russia for a recent, extended campaign of cyberattacks on infrastructure assets around the world by compromising devices such as routers and firewalls, the White House cybersecurity coordinator, who has since left his position, said Monday.

DHS Secretary: U.S. Could Cyberattack Countries Sponsoring Hacks — CNet

  • Kirstjen Nielsen tells RSA conference the U.S. hasn’t ruled out offensive cyberattacks to prevent hacks from other countries.

SamSam Explained: Everything You Need to Know About This Opportunistic Group of Threat Actors — CSO

  • In his latest article, Steve Ragan talks about the group behind the SamSam family of ransomware, known for recent attacks on healthcare organizations and other targets.

In Case You Missed It


Upcoming Events & Webinars

April 25
Webinar
11 a.m. PDT
Stop Fileless Malware with SonicWall Capture Client
> Register Now

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Ransomware Tops Malicious Attack Charts  BBC

  • SonicWall President and CEO Bill Conner talks about the growing concern of ransomware attacks as numbers indicate a growing number of attacks on the UK’s SMBs.

EXCLUSIVE: Britain Facing Cyber War as Online Attacks Soar by 300%  Daily Express

  • In an exclusive interview with The Daily Express’ John Ingham, SonicWall President and CEO Bill Conner discusses the 300 percent increase in UK cyber attacks, compared to a 151 percent increase worldwide.

Cyber Security News

Imagine You’re Having a CT Scan and Malware Alters the Radiation Levels  The Register

  • As memories of last May’s WannaCry cyber attack fade, the healthcare sector and Britain’s NHS are still deep in learning.

Privacy Imported: US Weighs EU-Style Regulations to Protect Your Data    CNET

  • Congressional hearings with Facebook’s Mark Zuckerberg get lawmakers talking about regulations for internet companies’ collection and use of consumer data.

Company Insiders Behind 1 in 4 Data Breaches – Study    The Register

  • From The Register’s report on the annual Verizon Threat Report.

Researchers Unearth New Malware Designed to Make ATMs Spew Out Cash  Gizmodo

  • Researchers have recently discovered a new kind of “jackpotting” malware — the sole purpose of which is forcing ATMs to spit out huge volumes of cash.

In Case You Missed It


Upcoming Events & Webinars

April 16-20
RSA Conference
San Francisco
Moscone Center
Booth 4115, North Hall

April 25
Webinar
11 a.m. PDT
Stop Fileless Malware with SonicWall Capture Client
> Register Now

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


Special Section: 2018 SonicWall Cyber Threat Report

‘Malware-cocktail’ cyber attacks double in one year, shocking report warns — London Evening Standard

The News: The popular UK news publication highlights the shifting behavior of malware authors examined in the 2018 SonicWall Cyber Threat Report.

Quotable: SonicWall CEO Bill Conner described the attacks as a “cyber arms race affecting every government, business, organization and individual.”

Malware Attacks Up, Ransomware Attacks Down in 2017, SonicWall Reports — eWeek

The News: eWeek offers a slideshow that visually explores findings of this year’s SonicWall Cyber Threat Report.

Quotable: “There were a lot of mixed signals in the cyber security attack landscape in 2017 …”

Ransomware decreasing in quantity but increasing in potency — SecurityBrief

The News: SecurityBrief reporter Ashton Young outlines the increase in ransomware variants.

Quotable: “The risks to business, privacy and related data grow by the day — so much so that cybersecurity is outranking some of the more traditional business risks and concerns,” says SonicWall CEO Bill Conner.


Cyber Security News

A New Mira-style Botnet is Targeting the Financial Sector  ZDNet

  • Three financial sector institutions have become the latest victims of distributed denial-of-service (DDoS) attacks in recent months in what looks like an attack by the IoTroop botnet known to target financial firms.

Cyberattack Shows Vulnerability of Gas Pipeline Network The New York Times

  • Last week’s attack on four of the nation’s natural-gas pipeline operators that temporarily shut down computer communications with customers shines a light on the potential vulnerability of the nation’s energy system.

Iranian Hackers Breach Singapore Universities to Access Research Data — ZDNET

  • Believed to be part of last month’s attacks against global education institutions, the hackers breached 52 accounts across four Singapore universities, including NTU and NUS, to gain access to research articles.

Equifax Taps Mark Begor as CEO Following Cyber Attack That Exposed Data for 148M Consumers — USA Today

  • New Equifax CEO named. Mark Begor to lead the credit reporting giant’s bid to recover from a cyber breach that exposed the personal data of 148 million consumers.

20 suspect hackers arrested over online banking fraud ZDNet

  • On March 28, a series of arrests took place across Europe. In total, the raids resulted in the arrest of nine individuals from Romania and 11 in Italy, all of which are remanded in custody.

In Case You Missed It


Upcoming Events & Webinars

April 25
Webinar
11 A.M. PDT
Stop Fileless Malware with SonicWall Capture Client
Register Now

April 16-20
RSA Conference
San Francisco
Moscone Center
Booth 4115, North Hall

Cryptocurrency, Ransomware and the Future of Our Economy

History is full of people who’ve labored over missed opportunities. Like all other non-bitcoin-owning people, I am one of them.

I first heard of cryptocurrency in early 2013 and scoffed at the idea that something with no intrinsic or collectable value would trade for $20. The concept of owning a portion of a cryptographic code — and it having actual value — is still hard for many to swallow.

Now that an available bitcoin (BTC) is valued at over $19,000 (USD), I languish the fact that an investment of $1,000 in 2013 would have net me half of a million dollars today. Furthermore, had I been tuned into the movement in 2010, I would be a billionaire today. You too. Stings a little, doesn’t it?

At no point in history has it been so easy to become extremely wealthy out of thin air. And it is not just people like you and me who think about this, but criminals as well. This is not only causing major shifts in financial markets, but also in malware development.

What is Cryptocurrency?

With all of the noise about cryptocurrency, here is what we know as we near 2018:

  • There are, or have been, over 1,300 other cryptocurrencies on the market. These are called altcoins.
  • Most people have never owned a single “coin” from any blockchain.
  • Most have no basis for value, which means it’s subjective and speculative (e.g., like a baseball card or an artistic sketch). The community dictates the value.
  • Some are tied to a real currency (e.g., 1 Tether coin = $1 USD).
  • Governments struggle with regulation and don’t want to encourage the use of decentralized currencies.
  • They often function like startups. Founders get an early crack at the supply chain and hold an equitable stake in the algorithm. Instead of a stock IPO they release them as part of an Initial Coin Offering (ICO).
  • Most of the popular coins cannot be mined by your computer anymore. Today, it’s only achieved through professional-grade mining operations.
  • No one knows how high or low bitcoins and cryptocurrency will go; either they will die or become the basis for our future economy.
  • The popular coins today are desired by cybercriminals and are the main form of payment within ransomware.
  • Like a TLS digital certificate, cracking the actual encryption is nearly impossible. Bitcoins are, however, fairly easy to steal and even easier to lose or destroy.
  • Malware is used to steal coins and to also turn infected endpoints into mining bots.

Bitcoin Is the Great Ransomware Enabler

Because cryptocurrency is virtually un-trackable, holds great value and is easily traded online, they are the preferred way to get paid on the black market. Without the value of bitcoin, you wouldn’t have heard about ransomware.

Ransomware is responsible for causing billions of dollars (USD) in damage across the world. Furthermore, the actual cost of the problem isn’t the cost of bitcoin to return your files (if you ever get them back), but the fallout from an attack.

Ransomware is fun for the media because you can easily quantify the ransoms and take photos of the demand screens, but not so fun for hackers. Through the development, updates and propagation of the malware, only between five and 10 percent of people pay the demands. But there is another way.

Bitcoin Mining

Instead of having your victims pay you once, what about having your victims unknowingly work for you? Well, that is what a lot of malware is doing today. By leveraging a portion of your compute power to form a bitcoin mining pool, hackers don’t have to kill the goose that lays the golden egg.

The result? The home computer has less power to run normal processing and incurs higher energy costs. When this approach works its way into a corporate network, it could cause major productivity and service issues.

For some hackers, these two attack vectors are small-time thinking. Instead of counting on a distributed attack vector across a global landscape of endpoints with mixed vulnerabilities, what about a single targeted attack?

Hackers don’t attack the algorithm behind the coins, they attack where they are stored. Cryptocurrency banks and exchanges are ripe targets for attacks. If you factor in the price of a bitcoin (at the time of I started writing it was $8,160 and after editing its $16,000) — the second Mt. Gox attack emptied bitcoin wallets to the tune of over $11 billion USD. Wow! At the time, the bitcoin haul was nearly 744,000 coins worth $436 million USD and caused the value of bitcoin to fall to a three-month low.

Cryptocurrency: Is it the Future?

Like most dual-sided arguments, those inside a social ecosystem are bullishly optimistic. Those outside remain pessimistic. I’m in between. I see the opportunity to capitalize on the attention, but recognize the many limitations behind cryptocurrencies that cap their viability into the future.

I’ve never owned a bitcoin coin but have entered into a few key platforms for the short-term. As mentioned, the value is purely subjective, much like an arbitrary piece of art, which can be a good investment as long as there is a large pool of people with the financial ability to support and bloat its value.

What is the difference in value between this rare Honus Wagner T206 card ($3.12 million USD) and the common Dusty Baker’s 1987 Topps card ($0.70 USD)? The answer lies in the availability of the item and the demand from the consumer.

Bitcoin, Ethereum and Monero all have value because a community of people feels it does. The more people who enter this pool, the greater the potential value. Some are investors and others are victims buying a ransom. But what truly drives the cost of bitcoin is attention — just like a piece of sports memorabilia. When you mirror Google’s search trend data to the historical price of BTC, you see a direct correlation.

What does this tell me? Once the attention fades, people will lose interest. At that point, the price will come down, similar to a Derek Jeter autographed baseball. Additionally, as ransomware becomes less effective, fewer people will buy bitcoin for the sake of digital freedom. And that freedom is the primary thing cryptocurrency can buy.

In the past year, every time the price of bitcoin dropped the Chicken Littles of the world wanted to be the first to cry out, “The sky is falling!” I do believe there will come a time when bitcoins will have the value the 1986 Topps Traded Pete Ladd sitting in the back of your closet (less than $1), but its value won’t crumble in a day.
With the remaining 1,000-odd altcoin cryptocurrencies (that currently hold value) out there with a collective market cap of over $400 billion (at the time of writing), it would take a lot for crypto-investors to create the needed fire sale that would cause the market’s topple. Instead, I see it like the Ice Age; built in stages and then a slow recession.

The altcoins wouldn’t exist today if bitcoin wasn’t popular and a goldmine for the early investors. The creators of these algorithms are like the leaders of pyramid scams. They created the rules and the ecosystem to make money and only exist if their supporters exist, much like an Amway Double-Dutch Triple-Black Platinum Diamond Founder’s Crown Elite Wizard. These will be the first to die. The beginning of their end is when bitcoin hits a plateau lasting more than two months.

In the Ice Age analogy, bitcoin is much like a large glacier that icicles attach to. As the sun shines, they will melt, leaving only the strongest cryptocurrencies to linger. I see bitcoin and Ethereum lasting for years, but only at a small price point. The coins in active circulation will be mostly in the possession of cyber criminals (if they aren’t already) and will be sold to the victims of cybercrimes to pay ransoms until the practice to buy cryptocurrency is outlawed country by country.

And, with that, the official death of ransomware.

Death in a Cathedral

Thirty years from now when we look back at cryptocurrency, we will reminisce about the second coming of the roaring ‘20s. Without the presence of Babe Ruth and the Charleston, we’ll have great unregulated wealth that comes to a crash.

In my conservative outsider-ish advice, I recommend minor, short-term cryptocurrency investments that you are not afraid to lose. Watch the price of bitcoin. When you see a plateau lasting a month, sell. (However, I’m not a financial advisor and I have no fiduciary duties to you. Please do your own research.)

Remember the old adage: movements are built in caves and die in cathedrals. Bitcoin is in the cathedral phase of its life. And if you understand the politics and history of cathedrals, you would be wary of entry. If not, read The Gothic Enterprise: A Guide to Understanding the Medieval Cathedral. Pay attention to fallout surrounding the bankrupt Bishop Milo de Nanteuil.

The Marriage Between Malware & Cryptocurrency

Another adage I was raised with, “make hay when the sun shines,” is what hackers are doing today. As the flames of bitcoin flare, more moths will be drawn to its light. The illicit creation, extortion and theft of digital coins will drive the price to an all-time high.

Because of the outrageous volume of ransomware infections of 2016, and the infamous attacks in 2017, malware defense is at an all-time high too, but it is not enough. Network and end-point security needs to be a serious topic of discussion.

At SonicWall, we’ve made great strides to get ahead of the cryptocurrency attacks; far before a hunk of digital code was valued at dollar volumes higher than what your grandfather paid for his first home.

Before the public release of Zcash, we released the SonicWall Capture Advanced Threat Protection service, which is a cloud-based network sandbox that works in line with SonicWall next-gen firewalls to run and test suspicious code in an isolated environment to prevent newly developed ransomware attacks (and other forms of malware too).

To bolster endpoint protection, we created an alliance with SentinelOne to provide an enhanced endpoint security client framework to provide next-generation anti-virus capabilities to our current endpoint offerings.

To learn more on how SonicWall can prevent malicious attacks, please read our solution brief, Five Best Practices for Advanced Threat Protection. If you’d like to discuss this blog, the marriage between malware and cryptocurrency, and to send your potentially future-worthless digital collectibles, reach out to me on Twitter.

 

SonicWall Firewall As A Service Offers New GMS Infrastructure

Today, customers are looking for more security and insight into the traffic on their network, without the burden of managing it on their own. Increasingly managed service providers (MSPs) are being asked to deliver network perimeter protection. Meeting this demand, SonicWall Firewall as a Service (FWaaS) now offers new SonicWall Global Management Systems (GMS) as a Cloud managed services. Immediately available from SonicWall are three unique options of the Global Management System Infrastructure solution: Monitoring, Monitoring and Reporting and Fully Managed. The undeniable benefits of all of these choices is that each lower upfront costs through the monthly subscription pricing. Customers also gain enterprise-level network security to defend against the relentless global threats and malware attacks without having to worry about maintenance or support. These solutions simplify customer management and deployment of SonicWall products. These new offerings will be provided by Solutions Granted Inc. and Western NRG, Inc., our selected infrastructure providers.

SonicWall Security’s Firewall-As-as-Service bundle includes a  SonicWall next-generation firewall appliance, Total Secure/Comprehensive Gateway Security Software (CGSS) and SonicWall Global Management System (GMS). What is new is that we are giving you more options on where and how to run the SonicWall GMS, allowing you to rapidly deploy and centrally manage the SonicWall next-gen firewall. This highly effective system provides real-time monitoring and alerts, along with comprehensive policy and compliance reporting in a solution that can easily be deployed as a hosted solution.

Option number one provides GMS infrastructure with monitoring. Option number two delivers more comprehensive security with both monitoring and reporting. With these 2 options the Managed Service Provider (MSP) will run GMS and is responsible for the workload, but uses the SonicWall GMS infrastructure. The value is to eliminate the cost of the GMS infrastructure, with a monthly price instead of an upfront cost, scaling over time to accommodate growth.

The third and most comprehensive option consists of a fully managed GMS instance and execution of the managed firewall service for the VAR/MSP. The value of this service is a VAR can now participate without being an MSP. With this option you sell the service, but the delivery of that service is handled by the new SonicWall GMS managed services offerings. This expands your business as a VAR. These options all complement and extend SonicWall security products and services provider, while optimizing your business security, managing growth and easing the administrative burdens.

We invite you to tune in for a live webcast on how the new offerings in the FWaaS partner program will help you increase your sales on, Thursday Nov. 5, 2015 at 11 a.m. Pacific/2 pm Eastern.

Meet us in-person at the upcoming IT Nation 2015 conference, Nov. 11 – 13, 2015 at the Hyatt Regency in Orlando, where SonicWall Security Solutions experts will demonstrate our SonicWall Firewall-as-a-Service (FWaaS) and SonicWall Global Systems Management next week.

How to Transform Your Network Security Infrastructure To Be Future-Ready

As an IT leader, you understand how new disruptive technologies can improve your company’s competitive positioning and drive overall business value. Technology trends such as cloud, mobility, social and big data compel companies to move quickly to define and implement next-generation data center architectures and security defense strategies to take advantage of these new technologies. While these trends have proven to boost commerce and operational efficiencies for many businesses who are early adopters, they also introduce security loopholes that give cyber-criminals an easy path to inject malware into the network, evade detection, and steal data.

For example, when new software and network designs are implemented to enable BYOD initiatives, companies quickly find themselves at higher risk due to the increasing number of vulnerable web applications and unsafe systems and endpoint devices that are added to their network. They’re now forced to grapple with a significantly higher volume of connected devices accessing their networks which have the potential to slow performance as well as productivity. Not only can users consume an enormous amount of bandwidth with multiple connections per device and time-wasting, productivity-draining applications such as social media and video streaming, they also collectively create a much larger attack surface for cyber-criminals to exploit. To fully benefit from BYOD and other business enabling technologies, next-generation data centers must be agile, scalable, manageable, flexible, and most importantly, secure against the ever-changing global threat environment including network attacks that use encryption to bypass security controls. After all, a security system cannot stop what it cannot decipher.

To meet these challenges, the network security layer must be highly extensible to support the largest of data centers’ bandwidth consumption with absolutely near zero downtime. Such requirements have justified necessary networking security architectures that can be incrementally deployable and horizontally scalable. In other words, there might not be a single SonicWall Next-Generation Firewall (NGFW) with the scale to meet the performance requirements of some compute- and bandwidth-intensive networks such as large institutions, government agencies, and global enterprises. A more practical way to scale the performance beyond capabilities of a single SonicWall NGFW device is to combine multiple SonicWall NGFW devices into a network cluster for full redundancy, failover and failback to ensure there is no single point of failure in the design. In this infinite scale-out model, adding additional security compute resources should ideally be a matter of easily adding more firewalls to the system in a very cost-effective way.

If you are currently tasked with implementing big-bet initiatives to improve growth and competitiveness and feel that security is your biggest barrier for implementing these programs, SonicWall invites you to download this exclusive “A Massively Scalable Approach to Network Security” white paper to help you implement your future-proofed, network-based scale-out security layer architecture. This is a highly resilient design that offers transparent security services to augment existing security solutions, separate security functions and provide added capacity via N+1 redundancy to solve your most complex and demanding data center requirements. The solution provides the following benefits:

  1. Scalable performance to support 10, 40 and/or 100+ Gbps data centers
  2. Assured availability of internet services and connectivity without compromising security
  3. Deep security through SSL inspection and prevention of intrusions, malware, botnets, etc.
  4. Visualization of all applications, users, groups traversing the firewalls
  5. Cost savings up to 82%* lower than Cisco and 65% lower than Palo Alto Networks and 57% lower than Fortinet