Posts

May 2018: Cyberattack Volume Continues to Rise, Ransomware Attempts Jump 299 Percent

The very latest cyber threat intelligence for May 2018 depicts increases in a number of attack areas, particularly when comparing against 2017 cyber threat data. Through May 2018, the SonicWall Capture Labs threat researches have recorded:

Global Cyberattacks — May 2018

  • 2 million malware attacks (64 percent year-over-year increase)
  • 9 million ransomware attacks (78 percent year-over-year increase)
  • 238,828 encrypted threats (142 percent year-over-year increase)

Global Cyberattacks — Year to Date

  • 5 billion malware attacks (128 percent increase )
  • 2 million ransomware attacks (299 percent increase)
  • 2 million encrypted threats (283 percent increase)

To put these numbers in a more practical light, it’s helpful to break them down by customer. In May 2018 alone, the average SonicWall customer faced:

  • 2,302 malware attacks (56 percent year-over-year increase)
  • 62 ransomware attacks (69 percent year-over-year increase)
  • Almost 94 encrypted threats
  • Over 14 phishing attacks per day

With each passing month, cybercriminals continue to perpetrate cyberattacks at an ever-accelerating rate. It is interesting to note that although encrypted traffic is actually down slightly when compared with last year, encrypted threats have more than doubled. This points to cybercriminals who are more aware of the efficacy of encrypting their attacks.

In addition, phishing attacks have increased by almost 40 percent since last month. To better educate your end users and follow secure email best practices, use the phishing IQ test to increase their suspicions when opening emails, particularly from unknown senders.

As the cyber war continues between threat actors and security professionals, arming your organization with the latest cyber threat intelligence is critical to implementing or improving a sound security posture. As long as vulnerabilities exist, there are threat actors working to exploit them.

Find Threat Metrics When You Need Them

Would you like to keep up-to-date on threat metrics, security news and worldwide cyberattacks? The SonicWall Security Center has all of this and more.

VISIT THE SECURITY CENTER

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Cybersecurity 500 List, 2018 Edition Cybersecurity Ventures

  • SonicWall is announced as #36 on Cybersecurity Ventures Cybersecurity 500: 2018 Edition List which includes the world’s hottest and most innovative cybersecurity companies to watch in 2018.

British Businesses Facing Cyber Ransom Demands of up to £200,000 The Daily Telegraph

  • Cyber criminals are arming themselves with “malware cocktails”, expertly blended using old variants of malicious computer code. The new viruses are more potent than their predecessors because they have adapted to companies’ cyber defenses, like a digital version of antibiotic-resistant superbugs.

Securing Your Journey to Success With Innovation and Security: SonicWall Silicon Review

  • Recently announced as one of the 10 Best Security Companies in 2018, SonicWall is featured in an editorial highlighting the company’s history and success with CEO Bill Conner at the forefront.

10 Best Security Companies in 2018 Silicon Review

  • SonicWall is announced as one of the 10 Best Security Companies in 2018.

Cyber Security News

Cybercriminals on Average Have Seven-Day Window of Opportunity to Attack SC Magazine

  • Once a vulnerability is announced, the average attacker has a seven-day window of opportunity to exploit the flaw before a defender is even aware they are vulnerable, according to report from Tenable.

Deadly Attacks Feared as Hackers Target Industrial Sites The Hill

  • The hacking threat to critical infrastructure in the United States and beyond is growing larger, with nation states and other malicious actors looking to gain a foothold in sensitive technologies to conduct espionage and potentially stage disruptive or destructive attacks.

U.S. Judge Dismisses Kaspersky Suits to Overturn Government Ban Reuters

  • A U.S. federal judge on Wednesday dismissed two lawsuits by Moscow-based Kaspersky Lab that sought to overturn bans on the use of the security software maker’s products in U.S. government networks.

BackSwap Banking Malware Bypasses Browser Protections With Clever Technique SC Magazine

  • A new banking malware called BackSwap has replaced tricky conventional browser injections with a simpler browser manipulation technique.

Over 5K Gas Station Tank Gauges Sit Exposed on the Public Net Dark Reading

  • It’s been three years since researchers first discovered automated tank gauges (ATGs) at some 5,000 US gas stations exposed on the public Internet without password protection, and a recent scan found 5,635 locations were vulnerable to the same issue.

In Case You Missed It


Upcoming Webinars & Events

June 4
Webinar
1 a.m. PDT
Technical Deep Dive – Securing Office 365 with SonicWall Email Security
> Register Now

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Real-Time Cyber Threat Intelligence Is More Critical Than Ever Forbes

  • SonicWall CEO Bill Conner discusses the importance of organizations utilizing real-time cyber threat intelligence as the cybersecurity landscape grows increasingly dangerous.

SonicWall Splits from Quest, Surpasses Financial Objectives Dark Reading

  • Dark Reading breaks down SonicWall’s recent momentum announcement, touching on the company’s newfound financial and operational independence, as well as innovations on the partner and customer front

SonicWall Boasts 60% YOY Partner Deal-Registration Increase Channel Partners

  • Due to SonicWall’s recent announcement, the company is featured for its success in the channel with the SecureFirst program which enabled partner deal registrations to hit a year-over-year increase of 60 percent.

Cyber Security News

VPNFilter Malware With Bricking Capabilities Poses Major Threat After Infecting 500,000+ Networking Devices SC Magazine

  • A potentially highly-destructive malware is estimated to have infected at least 500,000 networking devices in at least 54 countries since as far back as 2016, in what could be the prelude to a massive attack potentially capable of cutting off the internet from hundreds of thousands around the world.

U.S. Launches Criminal Probe into Bitcoin Price Manipulation Bloomberg

  • The Justice Department has opened a criminal probe into whether traders are manipulating the price of Bitcoin and other digital currencies, dramatically ratcheting up U.S. scrutiny of red-hot markets that critics say are rife with misconduct, according to four people familiar with the matter.

UK Threatens to Name and Shame State Backers of Cyber-attacks The Guardian

  • In a speech referring to Russian and North Korean “campaigns of intrusion”, Jeremy Wright QC called for international sanctions to be applied against countries that exploit cyberspace for illegal purposes.

Cyber Amendments to Watch in the House’s Defense Authorization Bill Nextgov

  • The House Rules Committee is considering more than a dozen cyber-focused amendments to the National Defense Authorization Act, a must-pass policy bill.

Intel Responds to Spectre-Like Flaw in CPUs Threat Post

  • Intel acknowledged that its processors are vulnerable to another dangerous speculative execution side channel flaw that could give attackers unauthorized read access to memory.

In Case You Missed It


Upcoming Webinars & Events

May 30
Webinar
11 a.m. PDT
Identify and Stop Malware in the Quickest and Most Accurate Way Possible
> Register Now

June 4
Webinar
1 a.m. PDT
Technical Deep Dive – Securing Office 365 with SonicWall Email Security
> Register Now

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

New DHS National Cybersecurity Framework Sets Goals, Milestones — MSSP Alert

  • As a result of the recent elimination of the White House cybersecurity coordinator role, SonicWall CEO Bill Conner is featured for his perspective and insight into what the move implies for the future of cybersecurity policy.

SonicWall Pushes Capture Cloud Platform with Endpoint Security — Chinabyte.com

  • SonicWall’s recent updates including the company’s new Capture Cloud Platform, enhanced RTDMI technology and more are featured in this article.

Cybersecurity Sourcebook 2018 Looks at Evolving Data Threat Landscape — Database Trends & Applications

  • This article explains the serious need to safeguard data using key SonicWall threat data. Specifically, they’ve included stats sharing that cyberattacks are becoming the number-one risk to businesses, brands, operations, and financials, and that there were 9.32 billion malware attacks in total in 2017, representing an 18.4% increase over 2016.

Cyber Security News

Brutal Cryptocurrency Malware Crashes Your PC When Discovered — ZDNet

  • The malware, dubbed WinstarNssmMiner by 360 Total Security researchers, has been used in half a million attempted attacks leveraged at PCs in only three days.

What Makes ZTE a Cybersecurity Threat? Congress Wants to Know — CNET

  • Congress wants a detailed explanation on what cybersecurity threats the Chinese phone company poses.

Mexico Central Bank Says Hackers Siphoned $15 Million from Five Companies — Reuters

  • Mexico’s central bank said on Wednesday that a cyber attack had sucked around 300 million pesos ($15.33 million) in fraudulent transfers from five companies, but it was unclear how much thieves had managed to pull out in cash.

Former CIA Software Engineer ID’ed as Suspect in Vault 7 Leaks — SC Magazine

  • The former CIA software engineer believed to have leaked the CIA’s Vault 7 hacking tools is already behind bars at the Metropolitan Correctional Center in New York City, after being indicted for possessing child pornography.

DHS Issues More Medical Device Cybersecurity Alerts — GovInfo Security

  • The Department of Homeland Security has yet again issued a warning about cybersecurity vulnerabilities in medical devices. These warnings have come after independent researchers, or the companies themselves, have reported the problems.

Cybersecurity Whistleblowers are Growing Corporate Challenge — The Wall Street Journal

  • Signals from the U.S. Securities and Exchange Commission over how seriously it takes cybersecurity, combined with a Supreme Court ruling on whistleblower protections, are putting pressure on companies to be more careful about how they deal with potential tipsters, lawyers say

In Case You Missed It


 

 

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Bringing Visibility to the Midmarket  Data Breach Today

  • In a video interview with ISMG’s Data Breach Today, SonicWall’s Bill Conner shares his vision to ensure smaller and mid-sized businesses have a clear view of the threat landscape taking aim at their companies. In the video he expands on the SME visibility challenge, SonicWall’s solutions to improve alerts and analytics and how SonicWall is addressing customer cloud security concerns.

Jonesboro Council Tackles Cybersafety  The Clayton News Daily

  • Due to the recent Atlanta data breach, other cities are taking the initiative to bolster their preventative cybersecurity measures such as Georgia’s Jonesboro City Council who recommend SonicWall’s TZ300 Firewall solution to protect the city’s financial data.

SonicAlert: New Variant Family of PUBG Ransomware  SonicWall Security Center

  • The SonicWall Capture Labs Threat Research Team has observed reports of a new variant family of PUBG Ransomware [Pubg.RSM] actively spreading in the wild. PUBG Ransomware encrypts the victim’s files and forces them to play an hour of a game called PlayerUnknown’s Battlegrounds to get their files back.

Cyber Security News

Almost Half UK Businesses Suffered Cyberattack or Security Breach Last Year, Figures Show  The Independent

  • Nearly half the businesses in the UK have fallen victim to cyberattacks or security breaches in the last year, costing them each thousands of pounds, new data shows.

Global Police Just Shut Down World’s Largest Marketplace That Allegedly Disrupted Millions of Sites  The Washington Post

  • An international police operation recently shut down the world’s largest for-hire service that allegedly slowed and disrupted millions of websites using malicious cyber tools, officials said Wednesday.

Traffic Hijack: Users Sent to Phishing Site in Two-Hour Cryptocurrency Heist  ZDNet

  • Attackers on Tuesday pulled off a complex attack using kinks in core internet infrastructure that caused users of an Ethereum wallet developer’s website to be redirected to a phishing site.

Huawei Under Criminal Investigation Over Iran Sanctions  The Wall Street Journal

  • The Justice Department is investigating whether Huawei Technologies Co. violated U.S. sanctions related to Iran, according to people familiar with the matter, opening a new avenue of scrutiny amid wider national-security concerns over the Chinese cellular-electronics giant.

This Ransomware was Rewritten to Mine Cryptocurrency – and Destroy Your Files  ZDNet

  • Some criminals are shifting from ransomware to cryptocurrency miners — those behind XiaoBa have rejigged the code to shift the same malware towards a different focus.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Jonesboro Council Tackles Cybersafety — The Clayton News Daily

  • Due to the recent Atlanta data breach, other cities are taking the initiative to bolster their preventative cybersecurity measures such as Georgia’s Jonesboro City Council who recommend SonicWall’s TZ300 Firewall solution to protect the city’s financial data.

SonicWall Bags the Most Promising Cybersecurity Vendor of the Year Award — InfoSecurity Live

  • In India, SonicWall has been awarded the InfoSecurity Live Editor’s Choice Award for the Most Promising Cybersecurity Vendor of the Year for 2017 through 2018.

SonicAlert: New Variant Family of PUBG Ransomware — SonicWall Security Center

  • The SonicWall Capture Labs Threat Research Team has observed reports of a new variant family of PUBG Ransomware [Pubg.RSM] actively spreading in the wild. PUBG Ransomware encrypts the victim’s files and forces them to play an hour of a game called PlayerUnknown’s Battlegrounds to get their files back.

10 Hot New Cloud Security Products Announced at RSA 2018 — CRN

  • The SonicWall Capture Cloud Platform is featured as the second product to make CRN’s 10 Hot New Cloud Security Products list announced at RSA this week.

20 Hot New Security Products Announced At RSA 2018 — CRN

  • SonicWall’s NSv Virtual Firewall is featured in CRN’s 20 Hot New Security Products listing at RSA 2018.

20 Hot New Security Products Announced At RSA 2018 — CRN

  • The 20 Hot New Security Products list at RSA 2018 also highlights SonicWall’s Capture Client for enabling advanced endpoint security.

EXCLUSIVE: Britain Facing Cyber War as Online Attacks Soar by 300% — Daily Express

  • In an exclusive interview with The Daily Express’ John Ingham, SonicWall President and CEO Bill Conner discusses the 300 percent increase in UK cyber attacks, compared to a 151 percent increase worldwide.

Cyber Security News

Huawei and ZTE Hit Hard as U.S. Moves Against Chinese Tech Firms — The New York Times

  • The United States undercut China’s technology ambitions on Tuesday, advancing a new rule that would limit the ability of Chinese telecommunications companies to sell their products in this country.

This Ransomware was Rewritten to Mine Cryptocurrency – and Destroy Your Files — ZDNet

  • Some criminals are shifting from ransomware to cryptocurrency miners – those behind XiaoBa have rejigged the code to shift the same malware towards a different focus.

Critical Infrastructure Needs Shoring Up After U.S., U.K. Blame Russia for Attacks — SC Magazine

  • The U.S. is prepared to take aggressive action against Russia for a recent, extended campaign of cyberattacks on infrastructure assets around the world by compromising devices such as routers and firewalls, the White House cybersecurity coordinator, who has since left his position, said Monday.

DHS Secretary: U.S. Could Cyberattack Countries Sponsoring Hacks — CNet

  • Kirstjen Nielsen tells RSA conference the U.S. hasn’t ruled out offensive cyberattacks to prevent hacks from other countries.

SamSam Explained: Everything You Need to Know About This Opportunistic Group of Threat Actors — CSO

  • In his latest article, Steve Ragan talks about the group behind the SamSam family of ransomware, known for recent attacks on healthcare organizations and other targets.

In Case You Missed It


Upcoming Events & Webinars

April 25
Webinar
11 a.m. PDT
Stop Fileless Malware with SonicWall Capture Client
> Register Now

Cyber Threat Map: SonicWall Security Center Delivers Real-Time Cyber Attack Data

Cyber security professionals exist in an increasingly complex world. As the cyber threat landscape evolves, a new cyber arms race has emerged that places organizations and their security solutions in the crosshairs of a growing global criminal industry.

Cyber criminals are increasingly turning to highly effective advanced cyber weapons, such as ransomware, infostealers, IoT exploits and TLS/SSL encrypted attacks, to target organizations of all sizes around the world.

To help organizations protect their networks and sensitive data from advanced cyber attacks, SonicWall developed a next-generation Automated Real-Time Breach Detection and Prevention Platform. Over a decade ago, SonicWall Capture Labs threat researchers pioneered the use of machine learning for threat research and cyber protection.

Complementing the platform, SonicWall is unlocking the power of the SonicWall Capture Labs Threat Network data for our customers, partners and the greater industry via the modern SonicWall Security Center.

What is the SonicWall Security Center?

The SonicWall Security Center provides a graphical view of the worldwide attacks over the last 24 hours, countries being attacked and geographic attack origins. This view illustrates the pace and speed of the cyber arms race. Even more important is the actionable data found on the Capture Labs Threat Metrics pages.

Sonicwall Security Center Worldwide Attacks

On these interactive pages, cyber threat meters show telemetry data that empower you to take action to better protect your organization. For example, the dashboard below shows that worldwide malware attack attempts are up 139 percent in February 2018 over February 2017.

Sonicwall Security Center Worldwide Attacks

In this example, SonicWall Security Center threat metrics state that the number of malware attacks increased from 0.42 billion to 1.0 billion, and that the attacks are largely coming from IP addresses in the United States, followed by China. The Security Center includes regional drilldowns for North America, Europe and Asia to give deeper insight for organizations around the globe.

This level of detail is available not only for malware attacks, but also for intrusion attempts, ransomware, encrypted traffic, https encrypted malware, new threats discovered by Capture Advanced Threat Protection and spam/phishing activity.

With this tool, we aim to provide actionable cyber threat intelligence to help you identify the types of attacks you need to be concerned about so you can design and test your security posture to make sure that your organization is properly protected.

Cyber security news, trends and analysis

The final section on the SonicWall Security Center is Security News. On this page, the Capture Labs team publishes research and analysis on the latest security threats, attacks, vulnerabilities and more — as it’s happening. When the next big cyber attack occurs, this will be the go-to source for information not only for the SonicWall community, but for the greater cyber security industry as well.

Sonicwall Security Center Worldwide Attacks

SonicWall threat intelligence and cyber attack data

SonicWall uses deep-learning algorithms to analyze data, classify attacks and block known malware before it can infect a network. Unknown files are sent to Capture Advanced Threat Protection service for automated analysis using a variety of techniques, including hypervisor analysis, emulation, virtualization and our patent-pending Real-Time Deep Memory Inspection.TM

The information we obtain on unknown threats is then combined with the billions of telemetry data points that Capture Labs gathers from the million-plus firewalls, email security appliances and endpoint clients used by our customers.

 

Get the 2018 SonicWall Cyber Threat Report

The cyber arms race is a challenge we face together. And it’s the core reason we’re committed to passing our findings, intelligence, analysis and research to the global public via the SonicWall 2018 Cyber Threat Report.

SonicWall CEO Bill Conner Joins Cyber Security Panel on Capitol Hill

Cybercrime is a lucrative and booming industry, with recent reports estimating $600 billion in damages to businesses. With the introduction of innovative cyber security technologies and new cyber attack variants, the race is on for private and public organizations to arm themselves for a battle that is being waged in a dynamic threat landscape.

Bill Conner Portrait

On March 6, cyber security experts and policymakers will come together in a panel discussion to address the current threat landscape and its impact on the U.S. economy. Featuring Congressman Lamar Smith, SonicWall CEO Bill Conner and the Honorable Secretary Michael Chertoff, the panel will foster dialogues that focus on the preventative measures organizations should take to thwart cyber attacks, as well as the joint efforts of government and law enforcement agencies combatting modern-day cyber attacks, cybercriminals and threat actors.

Preceding the event, Conner and Chertoff penned an opinion piece, “SEC, Congress take steps toward cyber accountability and transparency,” on The Hill.

Michael Chertoff Portrait

“Cyber risk affects virtually every kind of enterprise. It is not a matter of if, but when,” they wrote on The Hill. “Companies should start with the presumption that they will be attacked and have a comprehensive incident response plan in place. An incident response plan should include a consumer notification process especially when sensitive data such as Social Security numbers and financial information is corrupted.”

Event: Cybersecurity Panel Discussion – 2018 SonicWall Cyber Threat Report
Date: Tuesday, March 6, 12:30 p.m. EST
Location: Committee Room 2325, Rayburn House Office Building, Washington D.C.
Panel:

  • Chairman Lamar Smith, Congressman, 21st Congressional District of Texas
  • Honorable Secretary Michael Chertoff, former head of the U.S. Department of Homeland Security
  • Bill Conner, President and CEO, SonicWall
  • Michael Crean, CEO, Solutions Granted

The panel also will leverage and discuss the findings and intelligence from the 2018 SonicWall Cyber Threat Report, which provides key advances for the security industry and cybercriminals; exclusive data on the 2017 threat landscape; cyber security predictions for 2018; cyber security guidelines and best practices.

Get the 2018 SonicWall Cyber Threat Report

The cyber arms race is a challenge we face together. And it’s the core reason we’re committed to passing our findings, intelligence, analysis and research to the global public via the SonicWall 2018 Cyber Threat Report.