This week, SonicWall partners with Perimeter 81, Puerto Rico loses millions from a phishing attack, and new figures show how cryptocurrency losses boomed in 2019.

SonicWall Spotlight

2020 SonicWall Cyber Threat Report: Threat Actors Pivot Toward More Targeted Attacks, Evasive Exploits – SonicWall Press Release

• This week saw the release of the always anticipated yearly SonicWall Cyber Threat Report! Key takeaways include a drop in malware and ransomware attack volumes but an increase in more targeted attacks, a continued rise in encrypted attacks, and a massive fall in cryptojacking.

Inside Cybercriminal Inc.: SonicWall Exposes New Cyberattack Data, Threat Actor Behaviors in Latest Report  – Geoff Blaine

• SonicWall Vice President of Marketing Geoff Blaine digs into the 2020 Cyber Threat Report, laying out and analyzing the data SonicWall’s Cyber Threat Team have found over the past year.

The CyberWire Daily Briefing – Cyberwire

• The SonicWall 2020 Cyber Threat Report is picked up in the CyberWire Daily news report. Other English language coverage include pieces by Politico, SC Magazine, Dark Reading, Tech Republic, Information Age, The Register, Channelnomics, HelpNetSecurity, VMBlog, Blockonomi, Computer Weekly, ChannelWeb and Var India.

Vulnerability in Linear eMerge Access Controllers Exploited in the Wild – SecurityWeek

• SecurityWeek picks up on SonicWall’s recent SonicAlert about a known vulnerability in Nortek Security & Control’s Linear Emerge E3 Access Controller actively being exploited. Despite this vulnerability being raised a year ago and considered critical, no fix has yet been implemented.

Cybersecurity News

Kobe Bryant Wallpaper Shows how Hackers Exploit Mourning Fans for Cryptocurrency Mining – The Independent (UK)

• Cybercriminals have been detected attempting to profit from the death of Kobe Bryant by hiding malware within downloadable wallpapers of the basketball star.

Internet of Things: Smart Cities Pick Up the Pace – Financial Times

• As 5G and the Internet of Things go from a future development to a reality, so do smart cities. The Financial Times investigates where smart cites are right now, how deep 5G and IoT penetration currently goes and what they are likely to look like in the future, including the prediction that up to 30% of smart city programs will be abandoned by 2023.

Magecart Group Jumps from Olympic Ticket Website to new Wave of E-Commerce Shops – ZDNet

• Despite recent arrests of a major magecart group, a new wave of the malware has been detected spreading across a Russian hosting provider using a Chinese domain registrar, who suspended the domain when the malware was reported.

Watch Out for Coronavirus Phishing Scams – Wired

• A number of phishing scams have been detected where attackers disseminate malicious links and PDFs that claim to contain information on how to protect yourself from the spread of the Coronavirus. SonicWall’s Cyber Threat team have also detected malicious executables being spread using fears of the virus as bait.

Feds are Lining up More Indictments Related to Chinese Cyber-Activity, Officials say – Cyberscoop

• U.S. prosecutors are preparing to issue new charges against Chinese nationals related to alleged hacking and insider threats at U.S. organizations. U.S. officials have repeatedly accused China of breaking a 2015 agreement not to conduct “cyber-enabled” intellectual property theft and have ramped up pressure by announcing criminal charges against Chinese nationals. Strain over Huawei and the nascent 5G network may bring the whole thing to a head.

In Case You Missed It

• Coronavirus Affecting Business as Remote Workforces Expand Beyond Expected Capacity – Agasthiamani Sankaran
• The Worst Cyberattacks and Data Breaches of 2019 – John Lynch
• Bett 2020: SonicWall Showcases Cybersecurity Solutions for Educational Institutions – David Peace
• Spear-Phishing Attacks Targeting Office 365 Users, SaaS Applications – Matt Brennan
• A Hard Study in Ransomware: Education Being Held Hostage – Brook Chelmo
• Smarter Cybersecurity: How SecOps Can Simplify Security Management, Oversight & Real-Time Decision-Making – Ken Dang

This week, SonicWall experts explain the accuracy and reach of data tracking, cyber-insurance court cases continue to heat up, and government drones are grounded for cybersecurity reasons.

SonicWall Spotlight

How Do I Love Thee, Data Privacy? Let Me Count the Ways – Forbes

• SonicWall’s Dmitriy Ayrapeto talks data privacy with Forbes on Data Privacy Day 2020, explaining just how large, sophisticated, and accurate data tracking methods are, even for people not signed up for social media accounts.

A Glimpse Into what Cyber Security Has in Store in 2020 – VarIndia

• What’s coming from SonicWall in India in 2020? SonicWall’s Debasish Mukherjee reflects on the current cybersecurity and threat landscape, noting a general downtick in ransomware in India as hackers choose more targeted attacks on larger corporations instead of scattergun approaches.

Cybersecurity News

Leaked Report Shows United Nations Suffered Hack – Washington Times

• Hackers managed to get into the U.N. networks in Geneva last year, compromising dozens of servers and accessing domain administrator accounts. It is unknown how much damage was done but espionage has been put forward as a likely reason. The U.N. say nothing confidential was compromised.

AIG Must Cover Client’s $5.9 Million in Cyber-Related Losses, Judge Rules – Cyber Scoop

• In the latest cyber-insurance development, a judge has decided that AIG must pay out for a $5.9 million claim it had previously denied after its clients lost money through a business email compromise scam.

US Space Industry to Launch Cybersecurity Portal – InfoSecurity Magazine

• The Space Information Sharing and Analysis Center (ISAC) is setting up an unclassified portal where companies can share and analyze information on cybersecurity threats, with the aim of protecting the space industry.

The Space Race For Secure Access Service Edge (SASE) – Forbes Technology Council

• SonicWall partners Perimeter 81 talk about the rise of and race for Secure Access Service Edge (SASE), a security solution created to fit the modern challenges of nomad and digital workforce, cloud adoption and 5G networks.

Dept. of Interior Grounds its Drones Amid Cybersecurity Concerns – TechCrunch

• The U.S. Department of the Interior released a statement confirming that non-emergency drones were being temporarily grounded for a cybersecurity review, admitting that concerns from “foreign entities, organizations, and governments” are driving the decision.

Malware Tries to Trump Security Software With POTUS Impeachment – Bleeping Computer

• New research has found malware using text from President Trump’s impeachment as cover in an attempt to pass itself off as “goodware.“

Dozens of Companies Have Data Dumped Online by Ransomware Ring Seeking Leverage – Ars Technica

• The Maze ransomware ring has begun to post data from companies caught by their malware, threatening to dump huge amounts of the information if their ransom demands are not met.

And Finally

Hacker Snoops on Art Sale and Walks Away with $3.1m, Victims Fight Each Other in Court – ZDNet

• Hackers who managed to intercept talks between an art dealer and a Dutch museum spoofed the dealer’s email account and convinced the museum to send $3.1 million to a bank account in Hong Kong. Both the art dealer and the museum are now blaming the other side for the mistake.

In Case You Missed It

• The Worst Cyberattacks and Data Breaches of 2019 – John Lynch
• Bett 2020: SonicWall Showcases Cybersecurity Solutions for Educational Institutions – David Peace
• Spear-Phishing Attacks Targeting Office 365 Users, SaaS Applications – Matt Brennan
• A Hard Study in Ransomware: Education Being Held Hostage – Brook Chelmo
• Smarter Cybersecurity: How SecOps Can Simplify Security Management, Oversight & Real-Time Decision-Making – Ken Dang
• 10 Reasons to Upgrade to the Latest SonicWall NSa Firewall – Brook Chelmo

This week, SonicWall experts explain why the Dustman attack likely originates from Iran, the NSA publishes a major exploit in Microsoft ECC Certs, and Emotet makes a return after a holiday-season break.

SonicWall Spotlight

Security Advisor January 2020 – Tahulwheltech

• SonicWall’s VP for EMEA Sales, Terry Greer-King, sits down with Security Advisor Middle East, and sheds some light on how SonicWall has become a major cybersecurity player in the Enterprise space with a “direct touch” approach and unrivaled security innovations.

The US is Worried about Iran Retaliating with a Cyberattack – Vox

• As tensions between the US and Iran simmered in recent days, eyes have turned to Iran’s arsenal of cyberattack capabilities. Speaking to Vox SonicWall CEO Bill Conner stresses that American businesses must use the situation to bolster their cyberdefenses.

Dustman Attack Underscores Iran’s Cyber Capabilities – Dark Reading

• A malware known as Dustman attacked Bahrain’s national oil company in a cyberattack in late December. SonicWall’s Dmitiry Ayrapetov explains to Dark Reading why an Iran-backed group is likely the likely source of the attack as they investigate the attack.

Landry’s Malware Attack Highlights Need for Stronger Data Security – Channel Futures

• SonicWall CEO Bill Conner explains to Channel Futures that the recent attack on Landry’s is just one of several attacks that should not even be happening because large companies have the budget to afford the best in cybersecurity.

Cybersecurity News

Cybersecurity Threats Call for a Global Response – IMF Blog

• The International Monetary Fund calls for a unified worldwide response to cyberthreats, listing four areas where the international community can come together to work better – understanding of the risks; improving collaboration; consistent regulatory approaches, and being ready for cyberattacks when they do happen.

60% of US politicians haven’t upgraded their cybersecurity since 2016 – MIT Technology Review

• Despite controversy over alleged cyberattacks in the 2016 US Presidential campaign, a new poll of 500 high-risk users found that 60% of them have not upgraded their cybersecurity in the intervening years.

Proof-of-Concept Exploits Published for the Microsoft-NSA Crypto bug – ZDNet

• Microsoft released a security update this week that includes a fix to a dangerous bug discovered and reported to them by the NSA. With the bug being described as “seriously, seriously bad” it only took 48 hours for two proof-of-concept exploits for the vulnerability to be published.

Unprotected Medical Systems Expose Data on Millions of Patients – SecurityWeek

• New research and analysis has found that hundreds of internet-connected and unprotected medical imaging systems worldwide are exposing data of millions of patients. The most badly affected country is the USA where over 800 institutions have been exposed.

Renewed Emotet Phishing Activity Targets UN, Government and Military Users – SC Magazine

• After a massive drop in attacks in December 2019, the Emotet botnet and banking trojan renewed attacks in January 2019, launching a massive phishing campaign targeting high profile organizations like the United Nations.

In Case You Missed It

• The Worst Cyberattacks and Data Breaches of 2019 – John Lynch
• Bett 2020: SonicWall Showcases Cybersecurity Solutions for Educational Institutions – David Peace
• Spear-Phishing Attacks Targeting Office 365 Users, SaaS Applications – Matt Brennan
• A Hard Study in Ransomware: Education Being Held Hostage – Brook Chelmo
• Smarter Cybersecurity: How SecOps Can Simplify Security Management, Oversight & Real-Time Decision-Making – Ken Dang
• 10 Reasons to Upgrade to the Latest SonicWall NSa Firewall – Brook Chelmo

This week, SonicWall Capture Threat Labs releases data on cyberattacks over the Black Friday and Cyber Monday holiday period, and the cybercriminals involved in the attacks put the stolen data up for sale.

SonicWall Spotlight

Veiled Threats: The Growing Cyberattack Vectors Few People Talk About – Forbes

• While many people are aware that malware attacks like ransomware can happen through a phishing email or an infected USB key, less well known are the attacks that use encryption or launch using non-standard ports. SonicWall CEO Bill Conner discusses the growth of these veiled threats, and how SonicWall protects from them, in his latest Forbes Technology Council post.

Black Friday Cyberattacks: Businesses Face Surge of Malware, Ransomware on U.S. Shopping Holiday – SonicWall Blog

• The SonicWall Capture Threat Labs threat researchers releases data on cyberattacks across the 2019 Black Friday and Cyber Monday holiday period. In general, there was as much as a 63% surge in malware attacks over the shopping window, with attackers concentrating more on Black Friday than on Cyber Monday.

SonicWall and Veeam Enhance Managed Service Support – Computer Weekly

• SonicWall’s recently launched My Workspace is covered by Computer Weekly, including SonicWall’s Terry Greer-King explaining why the technology is needed as more customers plan to move to a shared model or fully MSSP mode.

Cybersecurity News

The FBI Is Warning That Your Smart Home Devices Aren’t Secure. Here’s What You Should Do About It – Inc

• Despite a recent FBI warning about cyberthreats attacking via the Internet of Things, the truth is that most smart devices currently have almost no cybersecurity. With this in mind, Inc takes a look how to protect your network from cyberattacks, with reference to SonicWall firewalls.

A $200,000 Internet Fraud: Will Anyone Investigate? – BankInfoSecurity

• The story of a $200,000 phony bank scam exposes the difficulty in getting law enforcement agencies to investigate all but the highest profile internet fraud.

The Case for Cyber Insurance – Security Week

• As the ongoing case between Mondelez and Zurich American Insurance highlights the complexities in deciding whether or not a cyberattack can be defined as a nation state attack, Security Week makes the case for specifically buying cyber insurance.

TrickBot Gang Is Now a Malware Supplier for North Korean Hackers – ZDNet

• A newly published report finds that he authors of Trickbot, one of today’s top three malware botnets, has been linked to a North Korea state-sponsored hacking group known as Lazarus.

Cost of Data Breaches in 2019: The 4 Worst Hits on the Corporate Wallet – Security Boulevard

• British Airways, Capital One, Marriott… some of the biggest breaches in recent times only started to affect the companies involved in 2019. These are not the biggest data breaches by volume, but by cost.

And Finally

Joker’s Stash Celebrates Turkey Day With Stolen Card Data – BankInfoSecurity

• This week, a huge batch of card details stolen over the Thanksgiving shopping period appeared for sale online, with a price tag of half a million dollars. Successful use of Magecart card-skimming software is the most likely to blame.

In Case You Missed It

• E-rate Funding 2020: Use It or Lose It? – Holly Davis
• 10 Reasons to Upgrade to the Latest SonicWall NSa Firewall – Brook Chelmo
• My Workspace: Streamlining Asset Management for MSSPs – Suroop Chandran
• SonicWall Simplifies Day-to-Day Operations for MSSPs – Robert (Bob) VanKirk
• Meeting a Russian Ransomware Cell – Brook Chelmo
• 10 Reasons to Upgrade to the Newest SonicWall TZ Firewall – Brook Chelmo

This week, SonicWall is looking for Beta Testers for the SonicWall Community, Ransomware-as-a-Service is put under the spotlight, and Disney+ accounts are hacked only hours after going live.

SonicWall Spotlight

SonicWall Leads Series a Round Funding in Zero-Trust Security Provider Perimeter 81 – SonicWall Press Release

• SonicWall has signed a commercial agreement for the development of joint solutions with Perimeter 81. This agreement means that we are able to provide a wide range of businesses, from SMBs to Fortune 500s and governments, with SonicWall’s award-winning Capture Cloud Platform and real-time breach detection and prevention solutions, while also allowing them to adopt a zero-trust security architecture that delivers tremendous efficacy in securing the modern organization.

Call for Beta Testers – The SonicWall Community

• SonicWall is delighted to announce that it will be launching the SonicWall Community in 2020. The community will be a place where our customers, partners and product experts can collaborate to share knowledge, experiences, resources and opinions. Do register your interest if you are want to be a beta tester for our pilot community.

The CyberWire Daily Podcast – The Cyberwire

• The CyberWire Daily Podcast rounds up the cybersecurity news each day and SonicWall CEO Bill Conner makes an appearance on Thursday 21^st of November, discussing the Q3 threat intelligence data from SonicWall Capture Labs.

Ransomware-as-a-Service: SaaS for Cyber Criminals – SC Magazine (UK)

• Ransomware’s simplicity and lucrativeness as a form of cyberattack has led to a growth in what is known as Ransomware-as-a-Service – a user-friendly version of ransomware that can easily be deployed with minimal technical knowledge. SonicWall CEO Bill Conner explains how it works, why it is so popular, and how to fight it in SC Magazine.

Cybersecurity News

1.2 Billion Records Found Exposed Online in a Single Server – Wired

• A researcher has found a database containing over a billion records on an easily accessed, unsecured server. The data does not contain passwords or financial information, but does contain phone numbers, social profiles, and work histories of the huge number of those affected.

Thousands of Hacked Disney+ Accounts Are Already for Sale on Hacking Forums – ZDNet

• Hackers hijacked Disney+ accounts and put them up for sale within hours of the service launching this week. Prices for the details of account vary from $3 to $11 on online forums, in comparison to a legitimate subscription that costs a user $7 a month.

WhatsApp Remote Code Execution Triggered by Videos – Threat Post

• A newly discovered vulnerability in WhatsApp was discovered and quietly patched this week. The flaw would allow an attacker to target a user simply by sending them an MP4 file by WhatsApp. There is no evidence that the vulnerability had been exploited in the wild before the patch was sent out.

Attacks on Healthcare Jump 60% in 2019 – so Far – Dark Reading

• A new report has named the healthcare system as the seventh-most targeted industry by malware, but also an industry that is still dragging its heels when it comes to preparedness, with a large number of legacy hardware and software systems still in use.

Financial Advisors Need to Put Cybersecurity Plans to the Test – CNBC

• The U.S. Securities and Exchange Commission has released cybersecurity guidance for financial advisory firms. The simple message of this notice is that no firm is too small to have cybersecurity protections in place, and no firm should be so confident in their systems that they do not regularly test them.

And Finally

Influencer Marketing Comes to Cybersecurity – Axios

• Perhaps it was only a matter of time, but the popular culture world of influencers has finally caught up with the usually more scientific world of cybersecurity. Eagle-eyed watchers of social-media have noticed an uptick in follower-rich cybersecurity Twitter accounts running individualized adverts. Other popular accounts have since come out and denounced accepting payments for adverts as unethical in the world of cybersecurity.

In Case You Missed It

• Meeting a Russian Ransomware Cell – Brook Chelmo
• 10 Reasons to Upgrade to the Newest SonicWall TZ Firewall – Brook Chelmo
• SonicWall: Encrypted Attacks, IoT Malware Surge as Global Malware Volume Dips – Geoff Blaine
• How to Protect Multi-Cloud Environments with a Virtual Firewall – Tiju Cherian
• 2019 North America Roadshow Series: SonicWall Showcases Complete Cybersecurity Portfolio, Capture Cloud Platform – David Bankemper
• What is Your Disaster Recovery Plan? 5 Core Practices to Ensure Business Continuity – Richard Chio