Posts

Cyber Security News & Trends

This week, fears are growing that new 5G industrial robots are vulnerable to cyberattack, the numbers affected by a breach jump from 500 to over 500,000 and the government shutdown continues to worry cybersecurity experts.


SonicWall Spotlight

SonicWall on Winning the Cyber Arms Race on Winning the Cyber Arms Race – Tahawul Tech

  • SonicWall’s Michael Berg is interviewed talking SonicWall’s expansion in Dubai, the cyber arms race and where SonicWall is going in 2019.

Cyber Security News

Why Cybersecurity Must Be a Top Priority for Small & Midsize Businesses – Dark Reading

  • Big corporations seize the cyberattack headlines, but Dark Reading argues that cybersecurity must be a top priority for small and medium businesses, outlining the major security risks and methods of protection.

For Industrial Robots, Hacking Risks Are on the Rise  – Wall Street Journal

  • 5G and the Internet of Things promise to make factories a lot smarter, but also a lot more vulnerable to cyberattacks.

New Ransomware Poses as Games and Software to Trick You Into Downloading It – ZDNet

  • A Dangerous new ransomware dubbed Anatova that was found at the start of the new year is being watched closely by researchers. Its modular architecture makes it easily adaptable and potentially very dangerous in the hands of a skilled cybercriminal.

The Shutdown Is Exposing Our Economy to Crippling Cybersecurity Breaches – Salon

  • Salon details the infrastructural cybersecurity problems, many previously outlined by SonicWall, that have been growing with the ongoing government shutdown.

Proposed Law Classifies Ransomware Infection as a Data Breach – SecurityWeek

  • The Act to Strengthen Identity Theft Protections in North Carolina proposes widening the definition of a breach to include ransomware and even unauthorized access. The legislation requires tightened data protection and a quicker notifications period when there is a breach.

Online Casino Group Leaks Information on 108 Million Bets, Including User Details – ZDNet

  • The server details of an online casino were left exposed online, leaking information on 108 million bets, including complete customer data like real names and addresses, phone numbers, email addresses, birth dates, and more.

Victim Count in Alaska Health Department Breach Soars – BankInfoSecurity

  • It was originally thought to only affect 501 people but the numbers in the Alaska Health Department breach of June 2018 have soared to up to 700,000. The number has soared after months of analysis and confirmation, the DHSS says they always knew the number would rise dramatically after analysis.

Recession Is the Number One Fear for CEOs in 2019, Survey Says – CNBC

  • While recession is the number one fear worldwide, a survey of over 800 CEO’s found that cybersecurity was the number one fear for CEO’s in the U.S.

Cybercriminals Home in on Ultra-High Net Worth Individuals – Dark Reading

  • With a growing cybersecurity awareness in businesses new research is suggesting that some hackers are shifting their sights to the estates and businesses of wealthy families with personalized cyberattacks.

In Case You Missed It

Cyber Security News & Trends

This week, one city is back to using pen and paper after a ransomware attack, cybercriminals utilize popular video game Fortnite in a money laundering scam and construction industry cranes are alarmingly vulnerable to being hacked.


SonicWall Spotlight

SSL, TLS Certificates Expiring on US Government Sites During Federal Shutdown – SonicWall Blog

  • SonicWall’s Brook Chelmo explains why US Government websites are starting to suffer during the ongoing Government Shutdown, explaining that security certificates are not being updated and what kind of messages you might be seeing as a result.

Cyber Security News

Hack Brief: An Astonishing 773 Million Records Exposed in Monster Breach – Wired

  • Wired details the mega-breach where at least 773 million emails and 21 million unique passwords have been released in a folder called “Collection #1.” Some are calling this the largest collection of breached data ever found, although it should be noted that Collection #1 is a compilation of both old and new leaked details.

Fortnite Is Being Used by Criminals to Launder Cash Through V-Bucks – ZDNet

  • Criminals have been using the in-game currency in Fortnite for laundering money from stolen cards. It is not known exactly how much profit the cybercriminals have made, but Fortnite coins sold on eBay alone have grossed over $250,000 in two months.

Defense Department Continuously Challenged on Cybersecurity – Security Week

  • A report has revealed that while the U.S. Department of Defense has been making strides to improve their cybersecurity stance, they are still struggling. In September of last year there were 266 open cybersecurity‑related recommendations, some dating as far back as 2008.

NotPetya Victim Mondelez Sues Zurich Insurance for $100 Million

  • Zurich insurance rejected a $100 million claim by Mondelez saying that since the NotPetya ransomware attack has been seen by some, including the UK government, as a Russian military attack it is not covered by standard insurance against malware. Mondelez are taking legal action in response.

Oklahoma Gov Data Leak Exposes FBI Investigation Records, Millions of Department Files – ZDNet

  • A storage server belonging to the Oklahoma Department of Securities was found with terabytes of confidential data exposed and accessible to the public.

Yes, You Can Remotely Hack Factory, Building Site Cranes. Wait, What? – The Register

  • Cybersecurity protection on cranes, drilling rigs, and other heavy machinery has been found to be severely lacking with a report into the area finding that none of the radio remote controllers investigated had “implemented any protection mechanism to prevent unattended reprogramming.”

WEF: Cyber-Attacks a Major Global Risk for Next Decade – Infosecurity Magazine

  • The World Economic Forum released a reporting stating that cyberattacks remain as one of the risks facing the world today with 82 percent of those queried stating they expect data and monetary theft attacks to increase.

Ransomware Attack Sends City of Del Rio Back to the Days of Pen and Paper – ZDNet

  • Officials at Del Rio, Texas, had to abandon their computers and switch to pen and paper after a ransomware attack last week. It has not been revealed who is behind the ransomware but the FBI have been informed and are investigating.

Emotet Malware Returns to Work After Holiday Break – BankInfoSecurity

  • Whether coincidence or a sign that the criminals were actually on holidays, a number of malware strains including Emotet have returned in 2019 after falling out of use towards the end of the year. BankInfoSecurity trace the history and usage of Emotet, including information on where in the world it has and has not been striking.

In Case You Missed It

Cyber Security News & Trends

Adware apps downloaded by millions, German politicians have their data leaked, and how is the government shutdown affecting cybersecurity? SonicWall has collected this week’s best cybersecurity stories, just for you.


SonicWall Spotlight

What Is Driving the Workforce of the Future? – IT News Africa

  • SonicWall threat data is used to examine the potential dangers of a workforce dependent on the Internet of Things and 5G mobile connection.

Cyber Security News

German Man Confesses to Hacking Politicians’ Data, Officials Say – New York Times

  • The December leak of the personal information of German politicians was carried out by a young German student who used very basic techniques like guessing the passwords. The authorities are treating him as a juvenile and he has been released while the investigation is ongoing.

Google Removes 85 Adware Apps That Were Installed by Millions of Users – ZDNet

  • Google removed 85 apps from the Play Store after complaints that they were blatantly adware where every page on the apps triggered a full screen advert. At the time of removal one of the apps had already been downloaded over five million times.

Class-Action Lawsuit Filed Over Marriott Data Breach Washington Times

  • 76 plaintiffs from all 50 states, the District of Columbia, Puerto Rico and the U.S. Virgin Islands are suing Marriott International Inc. in federal court over the data breach in 2018 that saw millions of people’s data released.

Who Should Be Responsible for Protecting Our Personal Data?World Economic Forum

  • The World Economic Forum explores the growing cybersecurity challenges that are presented by the fact that 89% of Americans and 70% of Europeans use the internet daily, and half the world’s population is online in some way. They ask if governments are reacting fast enough to the changes and if cybersecurity is a personal or public responsibility.

Zeroday Exploit Prices Are Higher Than Ever, Especially for iOS and Messaging Apps – ArsTechnica

  • The going rate for a zero-day jailbreak for Apple’s iOS is currently as high as $2 million. That’s the highest end of the scale but the market for exploits has been going higher and higher with no sign of leveling off.

U.S. Initiative Warns Firms of Hacking by China, Other Countries – Reuters

  • A new initiative by The National Counter-Intelligence and Security Center (NCSC) has been launched, aimed with improving cybersecurity in U.S. companies. Videos, brochures, and online informational materials have all been made available in an attempt to address ongoing concerns that many companies are not currently doing enough to protect themselves from cyberthreats.

Cybersecurity May Suffer as Shutdown Persists – Roll Call

  • The partial government shutdown may be leaving departments open to cybersecurity risks since many of the shutdown departments are on the “hit-list for hackers.” As more time passes there is a fear that minor setbacks may become irreversible.

This Old Ransomware Is Using an Unpleasant New Trick to Try and Make You Pay Up – ZDNet

  • First spotted in 2016, Cryptomix is a ransomware that seemed to have disappeared until it was rediscovered recently with a new distasteful trick; using information scraped from children’s charity organizations to make it seem like the ransom payment will be used to help people in need.

  The Cybersecurity Skills Shortage Is Getting Worse – CSO Online

  • With 53 percent of respondents of one survey reporting a problematic shortage of people with the right skills, the cybersecurity job situation is seen by some as actively getting worse rather than better. CSO Online recommend massive federal leadership, a more thorough public/private partnership and an integrated industry effort to solve the problem.

In Case You Missed It

Cyber Security News & Trends

How long did it take before 2019’s first cyberattack took place? Find out this and more. SonicWall has collected this week’s best cybersecurity stories, just for you.


SonicWall Spotlight

SonicWall Celebrates Key EMEA Milestones  – Enterprise Channels MEA

  • SonicWall’s Michael Berg comments on SonicWall’s boosted presence in EMEA, crediting channel expertise and commitment to speaking the local language as key factors in growth.

Ransomware Attacks Hit Legal System – Today’s General Counsel Magazine

  • An investigation into the growing threat of ransomware in the legal world uses SonicWall 2018 data as its jumping off point.

Cyber Security News

The Elite Intel Team Still Fighting Meltdown and Spectre – Wired

  • The Spectre and Meltdown vulnerabilities were first announced a year ago and made major waves in the news cycle due to their scope and impact. Wired follow up on the story with an in-depth look at how STORM, Intel’s strategic offensive research and mitigation hacker group, have been dealing with the problem.

Town of Salem Breach Affects 7 Million Accounts – SC Magazine

  • Some payment information was exposed in the breach, but the main leak was of usernames, email addresses, hashed passwords, IP addresses, game and forum activity. The developers have stressed that no card numbers were leaked.

What We Still Don’t Know About the Cyberattack on Tribune Newspapers – Washington Post

  • A cyberattack seriously hampered printing several papers owned by Tribune Publishing, including The L.A. Times. While the Tribune group say they suspect the cyberattack originated from abroad, they have given little other information and the identity and motive of attackers remain unclear.

Dublin’s Luas Tram System Threatened With Private Data Leak – ZDNet

  • Dublin’s tram system is hit with what looks like a ransomware attack that threatens to expose online users unless a ransom of one bitcoin is paid.

Your Data Was Probably Stolen in Cyberattack in 2018 – and You Should Care – USA Today

  • Marriott, Quora, Facebook, Dunkin’ Donuts; USA today summarize the biggest hacks of 2018 and come to the conclusion that very few people have escaped unscathed.

German Politicians Targeted in Mass Data Attack  – BBC

  • Hundreds of German politicians, including Chancellor Angela Merkel, had personal details stolen and published on Twitter throughout December. No one has publicly taken responsibility for the attack yet but all parties except those on the far right were affected.

This Data-Stealing Android Malware Infiltrated the Google Play Store, Infecting Users in 196 Countries – ZDNet

  • When an App is first uploaded into the Google Play Store it is subject to tough reviews to ensure it is safe for users, but some malware developers have been taking advantage of less stringent checks later down the line and injecting malware as an update.

2019’s First Data Breach: It Took Less than 24 Hours – CBR Online

  • The first data breach of 2019 was reported less than 24 hours into the New Year when an estimated 30,000 Australian civil servants had work emails, phone numbers and job titles leaked. Thankfully, no financial information is said to have been affected.

In Case You Missed It

Cyber Security News & Trends

Quantum Cryptography, Malware spreading through the cloud, and Fortnite making teenagers a lot of money; SonicWall has collected and compiled this week’s best cybersecurity stories, just for you.


SonicWall Spotlight

CEO Outlook: Five Questions on 2019  – CRN.com

  • SonicWall CEO Bill Conner gives his five predictions for 2019; from the biggest market opportunities to his thoughts on why staying up-to-date will be key for Channel Partners. He also predicts that 2019 will be the year of the SonicWall Capture Cloud Platform.

SonicWall Increasing Local Partner Support Across EMEA – Computer Weekly

  • SonicWall celebrates key EMEA milestones including the hiring of industry-leading talent and the opening of three new offices in the UK, Spain, and the UAE.

Quantum Cryptography: The Next-Generation of Secure Data Transmission – Information-Age

  • With SonicWall Threat Data showing an increase in encrypted threats throughout 2018, Information Age speculate that quantum cryptography could be the future in encryption.

Cyber Security News

Public Clouds: Fertile Ground to Spread Malware – Security Boulevard

  • A general trust in cloud services is leaving an easy entry point open for threat actors to spread malware. Researchers have already found browser hijacker adware Linkury making its way across Microsoft Azure.

Hackers Have Earned $1.7 Million so Far From Trading Data Stolen From US Gov Payment Portals – ZDNet

  • Click2Gov, a US government self-service payment system owned by Superion, was hit by a data breach in September 2017. Security researchers are estimating that the hackers have earned at least $1.7 million to date selling the information on the Dark Web.

Google Finds Internet Explorer Zero-Day Exploited in Targeted Attacks – Security Week

  • Microsoft released a patch for Internet Explorer fixing a dangerous zero-day bug. SonicWall Captures Labs also issued a signature to provide protection.

Fortnite Teen Hackers ‘Earning Thousands of Pounds a Week’ – BBC

  • With Fortnite estimated to have earned more than £1 billion through selling in-game “skins” there is a growing black-market, often run both by and for very young teenagers.

Irish Data Authority Probes Facebook Photo Breach – Security Week

  • A GDPR investigation has been launched in Ireland after it was revealed that up to 6.8 million users may have had their photos exposed to third party apps. A fine of up to four percent of annual global turnover can be issued to a corporation if they are found to be in breach of GDPR.

New Malware Pulls Its Instructions From Code Hidden in Memes Posted to Twitter – Tech Crunch

  • Researchers have found a type of malware that appears to be activated by memes on Twitter. The good news for those who can’t resist a link to a laugh is that it still looks to be in a testing stage and may never be released.

NASA Discloses Data Breach – ZDNet

  • NASA confirmed a data breach in October 2018 where a third party gained access to personal data, including Social Security Numbers, of current and former employees. No missions are believed to jeopardized by the hack but the investigation into the incident will “take time.”

The Nightmare Before Christmas: Cybersecurity Risks for Children’s Toys – EURACTIV (Europe)

  • As the Internet of Things enters toy manufacturing a host of problems are coming with it; open Bluetooth connections, cheap manufacturing standards, and cybersecurity laws that cannot yet be effectively applied.

In Case You Missed It

Cybersecurity for SMBs: Bundled Network Security Delivers Cost-Effective Protection

If you’re a small- or medium-sized business (SMB), don’t bury your head in the digital sand. Cybercriminals don’t discriminate. Your data, credentials or access could be valuable to them in ways not immediately apparent. SMB cybersecurity is critical.

Unfortunately, SMBs also haven’t received the necessary guidance in terms of government support. That’s alarming since in September 2018 alone, the average SonicWall customer faced 1,662 malware attacks. For the year, SonicWall recorded 8.5 billion malware attacks globally — a 54 percent increase over 2017.

There is good news, however. In August 2018, President Trump signed into law the new NIST Small Business Cybersecurity Act. New legislation in Canada and the UK bring hope for similar protections.

But in many cases, cybersecurity guidance isn’t immediately available. In the U.S., for example, NIST has a year to deliver the guidance (read our eBook to learn more). Regardless of geographic location, a year is a long time for SMBs to wait to either enhance or begin their cybersecurity strategy. For this reason, SonicWall has created cost-effective cybersecurity bundles tailored specifically for SMBs.

Bundled Security for SMBs

The SonicWall TotalSecure SMB Bundle* provides robust cybersecurity technology and services that defend growing SMBs from the volume and sophistication of modern cyberattacks.

The tailored package includes high-performance network security, endpoint protection, cloud sandbox, content filtering, online management and more. Admins can also use powerful reporting functions to easily check the health of the network and endpoints and remediate threats if ever needed.

What’s included What you get
  • Perimeter firewall protection, including SSL traffic inspection
  • Intrusion prevention
  • Content filtering
  • Zero-day defense via Capture ATP with RTDMI
  • Behavior-based endpoint security
  • Endpoint rollback (Windows only)
  • Advanced reporting and attack visualization

Bundled Security for Small Offices

The SonicWall TotalSecure SMB Bundle* also is available for small or home offices. It provides foundational cybersecurity tools that help smaller organizations mitigate cyberattacks from the perimeter to the endpoint.

It’s a comprehensive, out-of-the-box solution to stop cyberattacks, help remediate issues, protect endpoints and manage security — easily and efficiently.

What’s included What you get
  • Perimeter firewall protection, including SSL/TLS traffic inspection
  • Intrusion prevention
  • Content Filtering Service
  • Behavior-based endpoint security
  • Endpoint rollback (Windows only)
  • Advanced reporting and attack visualization

SonicWall has been protecting SMBs for more than 27 years. SonicWall is the No. 2 cybersecurity vendor in the SMB space, according to Gartner’s Market Share: Unified Threat Management (SMB Multifunction Firewalls), Worldwide, 2017 report.

Contact SonicWall to build or enhance your cybersecurity posture for true end-to-end protection from today’s most malicious cyberattacks, including never-before-seen threats.

Lock In Your SMB Bundle

It’s time to use real-time cybersecurity to protect your business from cyberattacks. Contact a SonicWall security expert today. We’re ready to help you build a sound, cost-effective security strategy that’s just right for your business.

* Please contact SonicWall or your SonicWall SecureFirst partner for regional availability.

July 2018 Cyber Threat Intelligence: Malware, Ransomware Attack Volume Still Climbing

Just a month removed from the mid-year update to the 2018 SonicWall Cyber Threat Report, the cyber threat landscape continues its volatile pace.

Analyzing the team’s most recent data, SonicWall Capture Labs threat researchers are recording year-to-date increases for global malware, ransomware, TLS/SSL encrypted attacks and intrusion attempts.

In addition, the SonicWall Capture Advanced Threat Protection sandbox, with Real-Time Deep Memory Inspection (RTDMITM), discovered an average of 1,413 new malware variants per day in July.

Globally, the SonicWall Capture Threat Network, which includes more than 1 million sensors across the world, recorded the following 2018 year-to-date attack data through July 2018:

  • 6,904,296,364 malware attacks (88 percent increase from 2017)
  • 2,216,944,063,598 intrusion attempts (59 percent increase)
  • 215,722,623 ransomware attacks (187 percent increase)
  • 1,730,987 encrypted threats (80 percent increase)

In July 2018 alone, the average SonicWall customer faced:

  • 2,164 malware attacks (28 percent increase from July 2017)
  • 81 ransomware attacks (43 percent increase)
  • 143 encrypted threats
  • 13 phishing attacks each day
  • 1,413 new malware variants discovered by Capture ATP with RTDMI each day

The SonicWall Capture Security Center displays a 70 percent year-over-year increase in ransomware attacks.

SonicWall cyber threat intelligence is available in the SonicWall Security Center, which provides a graphical view of the worldwide attacks over the last 24 hours, countries being attacked and geographic attack origins. This view illustrates the pace and speed of the cyber arms race.

The resource provides actionable cyber threat intelligence to help organizations identify the types of attacks they need to be concerned about so they can design and test their security posture ensure their networks, data, applications and customers are properly protected.

 

Get the Mid-Year Update

Dive into the latest cybersecurity trends and threat intelligence from SonicWall Capture Labs. The mid-year update to the 2018 SonicWall Cyber Threat Report explores how quickly the cyber threat landscape has evolved in just a few months.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

DHS Has New Cyber Collaboration Center, But Private Companies May Hesitate to Share — Law.com

  • SonicWall CEO Bill Conner discusses the challenges faced by the new DHS National Risk Management Center initiative in relation to cooperation from the private sector.

ADT Acquires MSSP SDI, Eyes Small Business Cybersecurity Market Growth — MSSP Alert

  • ADT, the monitored security and home and business automation solutions provider, has acquired Secure Designs Inc. (SDI), a well-known MSSP and SonicWall partner that manages firewall equipment for small business customers.

The Changing Data Security Landscape — Database Trends and Applications

  • The SonicWall 2018 Cyber Threat Report is used in an analysis of the overall risk landscape for cybersecurity.

SonicWall to expand product engineering facility in India — ETCIO

  • Debasish Mukherjee, Country Manager India & SAARC SonicWall sat down with ETCIO to discuss the country’s expansion in Bangalore, India.

Cyber Security News

The Sensors That Power Smart Cities Are a Hacker’s Dream — Wired

  • Research from IBM Security and data security firm Threatcare that looked at sensor hubs from three companies—Libelium, Echelon, and Battelle—that sell systems to underpin smart city schemes.

Network of 15,000 bots used to spread cryptocurrency giveaway spam via Twitter — SC Magazine

  • A recently developed methodology for identifying Twitter bot accounts in large quantities turned up a cryptocurrency scam botnet operation found to leverage at least 15,000 bots to submit bogus tweets and likes.

Internet of Things Adoption to Rise Despite Security, Data Integration Challenges — The Wall Street Journal

  • Firms continue to adopt Internet of Things technologies, but believe large-scale deployments and returns on investment may take longer than expected to materialize due to ongoing security and implementation challenges.

iPhone Chipmaker Blames WannaCry Variant for Plant Closures — Bloomberg

  • Taiwan Semiconductor Manufacturing Co. blamed a variant of the 2017 WannaCry ransomware for the unprecedented shutdown of several plants, as it ramps up chipmaking for Apple Inc.’s next iPhones

Atlanta’s Reported Ransomware Bill: Up to $17 Million — Bank Info Security

  • The cost of the city of Atlanta’s mitigation and subsequent IT overhaul following a massive SamSam ransomware infection earlier this year could reach $17 million.

In Case You Missed It

SonicWall’s Consistent Value, Cyber Security Effectiveness Earn ‘Recommended’ Rating from NSS Labs

For far too long the modern organization has been told it must pay hundreds of thousands of dollars (or even millions) for powerful, enterprise-grade security.

But for more than 25 years, SonicWall’s mission has been to deliver consistent value and powerful cyber security for organizations of all sizes and budgets. For the fifth time since 2012, this has been validated by one of the most trusted, fact-based organizations in the industry: NSS Labs.

In its 2018 group test of next-generation firewalls (NGFW), NSS Labs strongly positioned SonicWall and the NSa 2650 firewall in the upper-right ‘Recommended’ quadrant of the 2018 NSS Labs Security Value MapTM (SVM).

“NSS Labs is committed to independent testing that helps enterprises make informed cybersecurity decisions,” said NSS Labs CEO Vikram Phatak in SonicWall’s official announcement. “With ‘Recommended’ ratings for five years, SonicWall next-generation firewalls are an excellent choice for any company seeking devices with strong security and consistent product quality to evolve their security architectures. We applaud SonicWall’s focus on product consistency and security effectiveness.”

This year’s in-depth firewall comparison was comprised of totals based on security effectiveness, block rates, stability, performance, product purchasing price, maintenance, installation costs, required upkeep, management and installation. In its head-to-head comparison tests, NSS Labs verifies that NSa 2650:

  • Remains one of the highest-rated and best-value NGFWs in the industry, with a 98.8 percent security effectiveness rating
  • Delivers second-best total cost of ownership (TCO) with $4 per protected Mbps
  • Tested 100 percent effective in countering all advanced HTTP evasion, obfuscation and fragmentation techniques
  • Earned 100 percent ratings in stability and reliability testing

Many factors are taken into consideration when weighing vendor options, measuring security efficacy and calculating TCO.

Security Effectiveness of Firewalls

NSS Labs conducts one of the industry’s most respected, comprehensive and fact-based validation programs for a full range of cybersecurity products, including network and breach security, endpoint protection, cloud and virtual security, and more.

For this year’s comparison test, the SonicWall NSa 2650 next-generation firewall was compared against other industry offerings. During the NSS Labs evaluation, SonicWall NSa 2650 endured thorough testing exercises via the NSS Exploit Library, which exposed the appliance to more than 1,900 exploits.

To ensure real-world testing conditions, NSS Labs engineers utilize multiple commercial, open-source and propriety tools to launch a broad range of attacks. SonicWall NSa 2650 blocked 98.8 percent of all attacks was 100 percent reliable during testing. SonicWall also was successful in countering 100 percent of all advanced HTTP evasion, obfuscation and fragmentation techniques.

The SonicWall NSa 2650 strong security effectiveness and findings within the NSS report are applicable to the entire SonicWall NSa next-generation firewall series.

Total Cost of Ownership for Firewalls

“SonicWall offers the second-lowest TCO with $4 cost per protected Mbps.”

The cyber security industry’s pricing models are, frankly, out of date. Too many legacy vendors believe their old way of doing business — charging hundreds of thousands, or even millions of dollars — is beneficial to end customers and prospects. In some cases, high-end hardware is required, but there should also be powerful, cost-effective options for today’s business.

SonicWall understands and embraces this change.

It’s the reason we continually monitor and refine our pricing structures to ensure every organization is able to protect themselves from today’s most malicious cyberattacks. And we’re proud to say that NSS Labs found SonicWall to offer the second-lowest TCO with $4 cost per protected Mbps.

NSS Labs calculates TCO across a three-year period. At a high level, the formula includes:

  • Year 1 Purchase Price
  • Year 1 Installation & Labor
  • Year 1 Maintenance Costs
  • Year 2 Maintenance Costs
  • Year 3 Maintenance Costs

According to NSS Labs, “Calculations are based on a labor rate of $75 (USD) per hour and vendor-provided pricing information. Where possible, the 24/7 maintenance and support option with 24-hour replacement is used, since enterprise customers typically select that option. Pricing includes one enterprise-class CMS to manage up to five devices.”

As a best practice, enterprises and security-conscious organizations should include TCO as part of their NGFW evaluations, including:

  • Acquisition costs for NGFW and a central management system (CMS)
  • Fees paid to the vendor for annual maintenance, support and signature updates
  • Labor costs for installation, maintenance and upkeep

5 Cyberattack Vectors for MSSP to Mitigate in Healthcare

It’s no secret that healthcare continues to be one of the most targeted industries for cybercriminals. Healthcare providers store and maintain some of the most valuable data and the appetite for fraudulent claims or fake prescription medications is insatiable.

Despite all of the regulations, there are still fewer watchdogs overseeing healthcare. For many providers, cyber security hasn’t been a priority until very recently.

With more and more organizations reaching out to cyber security experts for assistance, it’s more important than ever that managed security services providers (MSSPs) understand the healthcare industry so that they can tailor solutions aimed at improving the security posture of healthcare providers.

Inside Users Present the Greatest Threat

According to a 2018 survey of cyber security professionals conducted by HIMSS, over 60 percent of threat actors are internal users within a healthcare organization. Email phishing and spear-phishing attempts are aimed at tricking users into providing credentials or access to information for cybercriminals. Negligent insiders, who have access to trusted information, can facilitate data breaches or cyber incidents while trying to be helpful.

In addition to systematically monitoring and protecting infrastructure components, MSSPs need to consider a multi-faceted campaign that creates a cyber security awareness culture within healthcare organizations. This campaign should include template policies and procedures for organizations to adopt, regular and routine training efforts, and human penetration-testing.

From a systematic perspective, it’s important to have tools that will do everything possible to mitigate cyberattacks. Tools like next-generation email security to block potential phishing or spear phishing attempts; endpoint security solutions to monitor behavior through heuristic-based techniques; and internal network routing through a next-generation firewall to perform deep packet inspection (DPI) on any information transgressing the network — especially if it’s encrypted.

Mobile Devices Open Large Attack Surfaces

Mobile devices have changed the way that we do just about everything. And the same is true for the manner in which healthcare conducts business.

To enable mobility and on-demand access, many electronic health record (EHR) applications have specific apps that create avenues for mobile devices to access portions of the EHR software. The widespread adoption of mobile devices and BYOD trends are pushing healthcare to adapt new business models and workflows. Cyber risk mitigation must be a priority as momentum continues to build.

MSSPs need to pay very careful attention to the access that mobile devices have to the EHR application, whether hosted on-premise or in the cloud. For more protection, implement a mobile device management (MDM) solution if the organization doesn’t already have one.

IoT Leaves Many Healthcare Providers at Risk

The Internet of Things (IoT) is bringing connectivity and statistical information to providers in near real-time while offering incredible convenience to the patient. Even wearable devices have immense capabilities to monitor chronic illnesses, such as heart disease, diabetes and hypertension. With these devices comes an incredible opportunity for hackers and immense threat for healthcare providers.

IoT devices tend to have weaker protections than typical computers. Many IoT devices do not receive software or firmware updates in any sort of regular cadence even though all of them are connected to the internet. There are so many manufacturers of IoT devices, and they are distributed through so many channels. There are no standards or controls regarding passwords, encryption or chain of command tracking capabilities to see who has handled the device.

If it’s feasible for the organization, totally isolate any IoT-connected devices to a secure inside network not connected to the internet (i.e., air gapped).

Encryption for Data at Rest Is Critical

For healthcare providers, it’s equally important to have a strong encryption for both data at rest and data in transit. Encryption for data at rest includes ensuring the software managing PHI doesn’t have a really weak single key that could unlock everyone’s PHI. If at all possible, records should be encrypted with unique keys so that a potentially exposed key doesn’t open the door to everyone’s information.

Attacks Are Hiding within Encrypted Traffic

MSSPs serving healthcare organizations need to realize that there is not one layer of defense that they should rely on. That said, perhaps the most important layer is the firewall.

A next-generation firewall, with DPI capabilities, is a critical component to securing a healthcare network. Even internal traffic transgressing the network should be routed through the firewall to prevent any potential malicious traffic from proliferating the entire LAN and to log transactions.

As much as possible, isolate medical devices and software applications that host PHI inside a secure network zone and protect that zone with an internal DPI-capable firewall that will only allow access to authorized services and IP addresses.


About ProviNET

ProviNET is a SonicWall SecureFirst Gold Partner. For nearly three decades, ProviNET has delivered trusted technology solutions for healthcare organizations. Whether it’s a single project or full-time onsite work, ProviNET designs and implements customized solutions so healthcare organizations can focus on core services.

ProviNET’s tight-knit group of experienced, industry-certified personnel are focused on customer satisfaction. They are a reputable organization, fulfilling immediate IT needs and helping plan for tomorrow. They are ready to put their extensive knowledge to work for healthcare, developing strategies and solving challenges with the latest technology.

To learn more about ProviNET, please visit www.provinet.com.