Posts

Cybersecurity Awareness Month: Recognizing Phishing Attacks

October brings to mind three things: busting out the fall wardrobe, Halloween and, last but not least, cybersecurity awareness. If you read that list and thought to yourself, “Cybersecurity awareness? Not me!” then congratulations, you are our target audience.

In conjunction with the U.S. Cybersecurity and Infrastructure Agency (CISA) and the National Cybersecurity Alliance (NCA), SonicWall is participating in Cybersecurity Awareness Month this October to spread awareness about key issues in cybersecurity.

In our last blog, we mentioned that while password hygiene and multifactor authentication are both crucial, they can be easily foiled by a successful phishing attack. Today, we’re going to cover the basics of recognizing phishing attempts and what to do if you spot one.

Phishing Frenzy

Phishing attacks are not a new phenomenon. They’ve been a favorite attack vectors of cybercriminals across the board for many years now. But every time cybersecurity tools get better at spotting them, they get better at hiding. That’s why knowing how to recognize phishing is more important than ever.

How to Spot a Phishing Attack

Hackers or scammers will often use emails or text messages to try and steal your login credentials, account numbers or even Social Security numbers. Once they have the information they want in hand, they can perform a multitude of nefarious deeds, such as accessing your email account or stealing money from your bank account. They may even be using you to access an organization you’re a part of, such as your workplace.

These cybercriminals are constantly updating their tactics to keep up with the latest news and trends, but they often exhibit some common characteristics that you can spot to avoid being their next victim.

These include the types of email or message phishers like to use. They’ll often be posing as your bank or a credit card company. It could be an email that looks like it’s from a coworker or your boss.

Oftentimes, these messages will say something like:

  • There’s been some suspicious activity with your account, and they need you to log in to verify.
  • You’ve missed an important payment or deadline and direct you to a link to rectify the situation.
  • You need to confirm some sort of personal information, like your Social Security number.
  • You must download an attachment or document, or login to your work email.

While some phishing emails have definite “tells,” the messages can also look quite convincing. They may look similar to emails you’ve received from real organizations in the past, even going so far as to use the official logo of the company in the header or a clone of it.

Some telltale signs of a phishing email include:

  • The message uses a generic greeting such as “Hello user” or “Hi dear.”
  • The message asks you to click on a link to update your payment details.

While real companies will sometimes communicate through email or text message, they will never email or text you asking for important financial or personal information.

What to Do When You Spot A Phishing Attack

If you receive a suspicious email or message that matches some of the criteria above, always leave the email or message and go to the company’s website directly to contact someone. (The links and numbers in phishing messages will always direct you back to the phisher themselves.)

By going to the company’s official website or calling their official phone number, you can ensure that you’re speaking with someone at the actual company and not a cybercriminal.

If you receive a suspicious email at work, you should report it to IT so they can be aware someone may be trying to infiltrate the company. If you received it in your personal email, you can forward the email to the Anti-Phishing Working Group at reportphishing@apwg.org. Suspected phishing via text message can be forwarded to SPAM (7726).

Protecting Yourself from Phishing

While phishing attempts can be scary, there are a number of tools and strategies that can help protect you and your organization. You can:

Taking just a few steps towards protecting your important information and accounts could be the difference in staying protected or becoming a victim of phishing.

Further Learning

While we’ve covered the basics, the more you learn about phishing, the better protected you’ll be. You can watch our School of Phish webinar series on-demand and learn about the different ways our cybersecurity experts handle real-world phishing incidents.

If you feel like you’re prepared to spot some phishing attacks, you can test your mettle against our phishing quiz, which will gauge your ability to identify phishing emails.

Infographic: Ransomware’s Devastating Impact on Real-World Businesses

Still relatively new to the cyber threat landscape, ransomware continues to be one of the high-profile malware types that grab headlines. It’s one part Hollywood-style drama mixed with the “mystery” of cryptocurrencies and the seemingly personal nature of ransomware attacks.

But it’s not hyperbole. Ransomware remains one of the most malicious cyberattacks that can cripple a business. SonicWall’s new infographic highlights composite data that demonstrates how ransomware impacts businesses’ ability to operate.

So, how do you prevent your organization from being severely disrupted by ransomware? The best approach is to use multiple layers that deliver automated, real-time breach detection and prevention. While this isn’t an exhaustive list of all security options, these cornerstone tactics will mitigate most of today’s most malicious cyberattacks, including ransomware.

How to Block Ransomware

Businesses have no choice but to proactively mitigate ransomware attacks. But is there a proven approach that can cost-effectively scale across networks and endpoints? Four key security capabilities make full ransomware protection possible.

  1. Next-Generation Firewall

    Detect and prevent cyberattacks with power, speed and precision.
    Next-generation firewalls (NGFW) are one of your first lines of defense against hackers, cybercriminals and threat actors.

    For example, SonicWall firewalls deliver real-time, cloud-based threat prevention, while augmenting the security from on-box deep packet inspection of SSL traffic (DPI-SSL). And all new SonicWall firewalls integrate with our award-winning network sandbox for advanced threat protection.

  2. Network Sandbox

    Identify and stop unknown attacks in real time.
    A network sandbox is an isolated environment on the firewallthat runs files to monitor their behavior. SonicWall Capture Advanced Threat Protection (ATP) is a multi-engine sandbox service that holds suspicious files at the gateway until a verdict can be achieved.

    Capture ATP also features Real-Time Deep Memory InspectionTM (RTDMI). RTDMI is a memory-based malware analysis engine that catches more malware, and faster, than behavior-based sandboxing methods. It also delivers a lower false-positive rate to improve security and the end-user experience.

  3. Email Security

    Filter email-borne attacks before they hit your network.
    Secure email solutions deliver comprehensive inbound and outbound protection from advanced cyberattacks, including ransomware, phishing, business email compromise (BEC), spoofing, spam and viruses. Proven solutions will be available in on-premise email security appliances and hosted secure email.

    SonicWall Email Security also integrates with Capture ATP to protect email from advanced threats, such as ransomware and zero-day malware.

  4. Advanced Endpoint Client Security

    Block ransomware before it compromises user devices.
    Traditional antivirus (AV) has been trusted for years to protect computers. This was a sound approach when the total number of signatures required numbered in the hundreds of thousands. Today, millions of new forms of malware are discovered each month.

    To protect endpoints from this endless onslaught of malware attacks, SonicWall recommends using a next-generation antivirus (NGAV) solution that can monitor the behavior of a system to look for malicious activities, such as the unauthorized encryption of your files.

    For example, SonicWall Capture Client delivers advanced malware protection and additional security capabilities for SonicWall firewall

Ransomware remains one of the most damaging cyberattacks to businesses. Follow these four ransomware protection best practices to help ensure ransomware does not impact your ability to operate.

Advancing Beyond Hygiene to Next-Gen Email Protection Services

This story originally appeared on MSSP Alert and was republished with permission.


Most of us have a love-hate relationship with email. It’s been around for what seems like forever and while new channels of communication like Slack are making inroads, email is still the primary means of communicating in most organizations.

Since it is so ubiquitous, we know it will be a primary target of malicious attackers. Because of the attack surface area, attackers have been targeting email as a point of entry into organizations for over a decade. Most companies have responded with some form of email security solution. However, there seems to be a disconnect in outcomes versus goals in the industry.

For instance, 90 percent of current attacks against organizations use spear phishing as the primary means of breaching those organizations, yet most people would say they have email security in place.

Preventing Spam is Only the First Step

The major problem we are having as a security industry is that most people believe they have “security” for their email systems, but what they really have is hygiene. Email hygiene can be defined as “the process of keeping the inbox clean by keeping spam and unwanted advertisements away.”

It’s easy to think that hygiene is security because when email was new, spam was the major source of annoyance and security breaches — we’ve all dealt with Nigerian prince scams.

According to a recent FBI Public Service Announcement, business email compromise is a $12 billion problem today. Anti-malware and anti-spam are hygiene tools provided for free by cloud service providers, such as O365 and G Suite, as part of their mailbox functionality, but these tools do not stop evolving, sophisticated attacks.

Unfortunately, security industry nomenclature to customers hasn’t changed. The consequence has been continual breaches in organizations that believe they have security in place, but the reality is the hygiene solutions they have in place aren’t up to the task of stopping advanced email penetration techniques.

We need to move our language more toward discussing hygiene solutions and advanced email security solutions. What customers need isn’t email security (aka hygiene) but next-generation email security focused on identifying advanced threats. A next-gen email security solution should include:

  • Targeted phishing and email fraud protection
  • Unknown threat detection capabilities beyond just a “sandbox”
  • Compatibility beyond on-premises email server to O365, Gmail, etc.
  • Outbound protection to minimize potential data leakage
  • Hygiene capabilities as needed

Next-Gen Email Security Opportunity

While education is required, customers are starting to realize the need to supplement the native security functionalities with dedicated advanced threat protection (ATP) capabilities.

Gartner says over 50 percent of customers will look for dedicated security tools. MSSPs should look to provide a next-gen email security solution to their customers. This not only solves a real customer problem, but can also:

  • Increase your monthly recurring revenue with a next-gen email security solution as an additional value-added service for your customer
  • Lower analyst workload by blocking threats proactively
  • Enable better translation to real business impact – email addresses are associated with real people in the business rather than just an IP address
  • Reduce risk of liability – if customers are better protected, the chance of a significant breach is lower
  • Ride on the Microsoft Office 365 wave

The transition to Microsoft Office 365 (O365) is interesting as it both presents an opportunity and creates additional fear, uncertainty and doubt in the market. Businesses realize the benefits of moving their IT to the cloud (lower total cost of ownership, easier management, etc.) and email Exchange server was one of the first to move to the cloud.

However, O365 customers are often unsure of the level of security they get. An SMB customer typically evaluates the two Exchange Online Protect plans (EOP 1 and EOP 2). Let’s see what the customer is paying for:

  • In EOP 1, for $4/user/month, customers get the mailbox functionality and known malware protection included with anti-spam and anti-virus. Customer must upgrade to EOP 2 plan at $8/user/month for the addition of DLP functionality.
  • What’s not included is the ATP sandbox. If a customer wants that protection against today’s advanced threats, he needs to pay an additional $2/user/month for the add-on service.

Powering Your Advanced Email Protection Service with SonicWall

This opportunity is ripe, so it’s important that you not only find an effective technology, but a partner that will help you enable your service quickly. To protect against today’s advanced threats, SonicWall’s award-winning solution provides a multi-layered defense mechanism:

  • A multi-engine sandbox to catch the most evasive of malware. Our sandbox supports and scans extensive file attachment types and can scan over 70 percent of the files in under five seconds.
  • To stop spoofing attacks, business email compromise and email fraud, powerful email authentication, including SPF, DKIM and DMARC, is automatically included.
  • In-house anti-phishing, anti-spam and multiple anti-virus technologies protect against known threats.
  • Real-time threat intelligence feeds powered by Capture Labs that include signatures of newly found threats and IP based reputation for URL filtering.

Purpose-Built for MSSPs

The SonicWall secure email platform is built with MSSPs in mind to not only reduce the cost of management, but to ensure your brand is at the forefront:

  • Multi-tenant platform with flexible deployment options – hardware, software, virtual and cloud
  • Customizable branded experience
  • Integration with restful APIs and syslog alerting
  • Built-in O365 integration

The SonicWall SecureFirst MSSP program will help you implement the email security solution quickly, reduce time to market and take advantage of this great market opportunity. Some of what the MSSP program includes:

  • Service description templates
  • MSS pricing option
  • MSS specific setup and operation guides

MSSPs have a major opportunity here to educate their market on the differences between hygiene and security. And SonicWall’s MSSPs are doing exactly that.

A case in point: According to Erich Berger of Secure Designs Inc., a SonicWall SecureFirst MSSP Partner: “Within an hour of being installed it saved one particular customer from an Emotet infostealer malware variant.”

SonicWall Email Security Wins Coveted 2018 CRN Annual Report Card (ARC) Award

Once again, SonicWall Email Security has been recognized at the top of its class for protecting the No. 1 threat vector: email. The solution was named the overall winner by sweeping the 2018 CRN Annual Report Card (ARC) email security category.

The solution has won three prestigious security awards to date in 2018. This is a testament toward the innovation and effort the SonicWall team has invested the last 18 months in key focus areas: advanced threat protection, administrative ease, product support and channel enablement.

“An ARC award is one of the industry’s most prestigious honors. It symbolizes a vendor’s dedication to delivering high quality and innovative product and program offerings to their channel partners,” said Bob Skelley, CEO, The Channel Company. “CRN’s Annual Report Card provides solution providers with the rare opportunity to offer their invaluable insight on vendors’ products and services, as well as their partner programs. As a result, the technology suppliers are equipped with actionable feedback to bolster their efforts to remain the best-of-the-best.”

The Annual Report Card summarizes results from a comprehensive survey that details solution provider satisfaction across product innovation, support and partnership for hardware, services and software vendors. The vendors with the highest ratings are named to the prestigious Annual Report Card list of winners and celebrated as best-in-class by their partners.

The results also provide the IT vendor community with valuable feedback — directly from their solution providers — that can be used to refine product offerings, enhance support and improve communication with partners.

This year’s group of honorees was selected from the results of an in-depth, invitation-only survey by The Channel Company’s research team. More than 3,000 solution providers were asked to evaluate their satisfaction with more than 65 vendor partners in 24 major product categories.

SonicWall Email Security is a multi-layer solution that protects organizations against advanced email threats such as targeted phishing attacks, ransomware and business email compromise. The key capabilities include:

  • Real-time threat intelligence feeds from over 1 million security sensors deployed globally and delivered through the SonicWall Capture Cloud Platform.
  • Dynamic scanning of suspicious email attachments and embedded URLs using the award-winning, multi-engine SonicWall Capture Advanced Threat Protection (ATP) sandbox service with Real-Time Deep Memory Inspection (RTDMITM).
  • Anti-phishing technology uses a combination of methodologies such as machine learning, heuristics, reputation and content analysis.
  • Powerful antispam and antivirus engines to protect against known malware and spam.

The solution can be deployed as hardened physical appliances, robust virtual appliances or a resilient cloud email security service. And whether an organization uses on-premises email servers or cloud services, such as Microsoft Office 365 or Google G Suite, SonicWall’s solution delivers best-in-class threat protection through seamless and simple integrations.

Given that email continues to be a top attack vector in the cyber arms race, SonicWall is committed to enhancing the solution to better protect its users from advanced email threats.

The 2018 Annual Report Card results can be viewed online at www.crn.com/arc.

Report: Low Confidence in Stopping Business Email Compromise (BEC), CEO Fraud

Email is the primary tool for business communications and it’s used across the globe by organizations of all sizes. So, it’s no surprise that email is also today’s No. 1 threat vector for cyberattacks.

The cyber threat landscape has evolved to a great extent. Today, email attacks are highly targeted and cybercriminals engage in extensive social engineering activities to learn information about their targets in order to craft personalized emails.

Such targeted and sophisticated phishing attacks have a higher success rate than mass campaigns. Users implicitly trust a familiar name or email with personal information. These email may contain malicious attachments, weaponized URLs to deliver malicious payloads, phishing websites with fake login pages to steal login credentials, or malware-less email that seeks confidential information or a wire transfer.

With the changing threat landscape, coupled with the lack of human and financial resources to keep pace, organizations find themselves as susceptible targets for email-based attacks, such as spear-phishing and CEO fraud/business email compromise (BEC).

To that end, SonicWall recently worked with the Osterman Research and surveyed organizations to understand:

  • What are the top concerns for IT security decision-makers?
  • Why are cyberattacks succeeding?
  • How do you evaluate your current security posture?

Some of the key survey findings include:

  • Cyber threats are becoming more sophisticated as well-financed cybercriminal gangs develop improved variants of malware and social-engineering attacks. The perceived effectiveness of current security solutions is not improving – or is actually getting worse – for many organizations.
  • Most decision-makers have little confidence that their security infrastructure can adequately address infections on mobile devices, CEO fraud/BEC and preventing user’s personal devices from introducing malware into the corporate network.
  • To address the worsening threat landscape, security spending at mid-sized and large organizations will increase by an average of seven percent in 2018 compared to 2017.

The white paper also discusses the level of confidence that security professionals have in defending against these advanced threats. For example, 58 percent of those surveyed believe that their current solutions to eliminate malware before it reaches end users are either “very good” or “excellent,” and 55 percent believe that their ability to protect users from ransomware is this effective.

Unfortunately, things get worse from there: fewer than half of respondents believe their ability to block phishing attempts from end-users, eliminate account takeover attempts before they reach senior executives, and protect sensitive data is either “very good” or “excellent.”

Finally, some best practices that decision-makers must consider to protect against these advanced threats are:

  • Deploy a multi-layer approach for email security
  • View security holistically from cloud services to endpoint, with end-to-end monitoring
  • Train all users, including senior executives
  • Use adequate threat intelligence
  • Establish detailed and thorough policies

Get the In-Depth Osterman Report

Download the exclusive Osterman white paper, “Best Practices for Protection Against Phishing, Ransomware and Email Fraud,” compliments of SonicWall. The paper explores issues that security professionals face, how to evaluate your current security posture and best practices to consider implementing for sound email security.

Phishing Threats – How to Identify and Avoid Targeted Email Attacks

Phishing threats have been around for years. By now anyone can easily detect a fake email, right?

Wrong. How confident are you that you wouldn’t divulge your password, credit card info or online identity? Here is a quick refresher on phishing threats and what you can do to protect yourself.

What is Phishing?

As you may already know, phishing threats involve malicious emails that attempt to get you to disclose your personably identifiable information (PII) to compromise your personal identity or corporate data.

Hackers create emails that look like official communications from familiar companies. These are sent to millions of unsuspecting addresses in hopes that someone will follow the links and share sensitive information that the hackers can exploit. These phishing emails employ a variety of techniques.

How to Spot Phishing Attacks

The best way to protect yourself from phishing threats is to recognize and avoid these common phishing tactics:

  • Generic greetings: The opening lines of phishing emails are often very vague and general in nature.
  • Typos or Poor Grammar: A poorly written email is less likely to have come from a legitimate company. In addition, do not be tricked if the email happens to include a legitimate-looking logo.
  • Urgency: Phishing emails often sound alarmist, trying to scare you into taking action (and sharing your information) immediately.
  • Fake Links: Phishing emails routinely obscure the URL addresses, and instead take you to an unsecured site where your sensitive data is solicited. To see exactly where a link will take you, simply hover over it. If in doubt, don’t click it. Instead, open a new browser session and manually enter the address (i.e., don’t copy and paste) you want to visit.
  • Attachments: Delivered via email attachments, malware that is executed (i.e., the attachment is opened) allows a hacker to exploit vulnerabilities on your computer Never open an attachment unless you are sure it is legitimate, safe and expected. Be cautious with any unexpected invoices from companies you’re not familiar with, as attachments might contain malware that installs upon opening.
  • Spoofed Sender: Makes it easier for a hacker to impersonate someone you’d normally trust (e.g., coworker, bank, government agency)

Take the Phishing IQ Test

Interested in seeing how well you are at telling the difference between a legitimate website and one that is a phishing attempt? Take the SonicWall Phishing IQ Test to find out.

Is Your Email Security GDPR Ready?

On May 25th 2018, the European Union (EU) will introduce its General Data Protection Regulation (GDPR). The GDPR is a set of regulations meant to protect personal data of EU residents, and enforces data privacy rules on how organizations collect, store and use the information. Failure to comply with the EU GDPR regulation carries heavy penalties including fines of up to €20 Million or 4 percent of global turnover. This includes information exchanged over email. According to Infowatch global data leakage report, email is the second largest channel for data leaks.

Some key elements of the regulation include:

  • GDPR applies to all organizations that process the personal data of subjects residing in the EU, regardless of the organization’s location.
  • Breach notification will become mandatory, and must be done within 72 hours of first having become aware of the breach.
  • EU residents have the right to obtain confirmation as to whether or not personal data concerning them is being processed, where and for what purpose.
  • The right to be forgotten entitles the residents to have the organization erase his/her personal data, and cease further dissemination of the data
  • Privacy by design calls for the inclusion of data protection from the onset of the designing of systems, rather than an addition.

Here are certain implications of GDPR on an organization’s emails and email security:

  • Personal data is classified as any information that includes personal email addresses, phone numbers etc. that are commonly used for marketing.
  • Organizations in regulated industries such as retail, finance and healthcare have to deal with added layers of complexity to comply with competing regulations
  • To implement appropriate technical measures to comply with “privacy by design,” organizations must include email encryption and compliance capabilities to their email security infrastructure.

To comply with GDPR, key capabilities to consider while evaluating your email security include:

  • A comprehensive multi-layered approach that provides strong inbound and outbound protection
  • Sandboxing and quarantining of any unknown email attachments to prevent breaches
  • Strong encryption and DLP for compliance and regulatory requirements

Download our tech brief to learn more about SonicWall Email Security’s compliance and encryption service, and how it can help you comply with the EU GDPR.

SonicWall Annual Threat Report Reveals the State of the Cybersecurity Arms Race

In the war against cyber crime, no one gets to avoid battle. That’s why it’s crucial that each of us is proactive in understanding the innovation and advancements being made on both sides of the cybersecurity arms race. To that end, today we introduced the 2017 SonicWall Annual Threat Report, offering clients, businesses, cybersecurity peers and industry media and analysts a detailed overview of the state of the cybersecurity landscape.

To map out the cybersecurity battlefield, we studied data gathered by the SonicWall Global Response Intelligence Defense (GRID) Threat Network throughout the year. Our findings supported what we already knew to be true – that 2016 was a highly innovative and successful year for both security teams and cyber criminals.

Security Industry Advances

Security teams claimed a solid share of victories in 2016. For the first time in years, our SonicWall GRID Threat Network detected a decline in the volume of unique malware samples and the number of malware attack attempts.  Unique samples collected in 2016 fell to 60 million compared with 64 million in 2015, whereas total attack attempts dropped to 7.87 billion from 8.19 billion in 2015. This is a strong indication that many security industry initiatives are helping protect companies from malicious breaches.  Below are some of the other areas where progress is clearly being made.

Decline of POS Malware Variants

Cybersecurity teams leveraged new technology and procedural improvements to gain important ground throughout the year. If you were one of the unlucky victims of the point-of-sale (POS) system attack crisis that shook the retail industry in 2014, you’ll be happy to learn that POS malware has waned enormously as a result of heightened security measures. The SonicWall GRID Threat Network saw the number of new POS malware variants decrease by 88 percent since 2015 and 93 percent since 2014. The primary difference between today’s security procedures and those that were common in 2014 is the addition of chip-and-PIN and chip-and-signature technology particularly in the United States, which undoubtedly played a big role in the positive shift.

Growth of SSL/TLS-Encrypted Traffic

The SonicWall GRID Threat Network observed that 62 percent of web traffic was Secure Sockets Layer/Transport Layer Security (SSL/TLS) encrypted in 2016, making consumers and businesses safer in terms of data privacy and integrity while on the web. This is a trend we expect to continue in 2017, based on Google’s announcement that it has a long-term plan to begin marking HTTP traffic in its Chrome browser as “not secure.” NSS Labs estimates that 75 percent of web interactions will be HTTPS by 2019.

Decline of Dominant Exploit Kits

We also saw the disappearance of major exploit kits Angler, Nuclear and Neutrino after cybersecurity investigations exposed the likely authors, leading to a series of arrests by local and international law enforcement agencies. The SonicWall GRID Threat Network observed some smaller exploit kits trying to rise to fill the void. By the third quarter of 2016, runner-up Rig had evolved into three versions employing a variety of obfuscation techniques. The blow that dominant exploit kit families experienced earlier in 2016 is a significant win for the security industry.

Cyber Criminal Advances

As with any arms race, advances made by the good guys are often offset by advances made by the bad guys. This is why it’s critical for companies to not become complacent and remain alert to new threats and learn how to counterattack. Below are some of the areas where cyber criminals showed their ability to innovate and exploit new ways to launch attacks.

Explosive Growth in Ransomware

Perhaps the area where cyber criminals advanced the most was in the deployment of ransomware. According the SonicWall GRID Threat Network, ransomware attacks grew 167 times since 2015, from 3.8 million in 2015 to 638 million in 2016. The reason for this increase was likely a perfect storm of factors, including the rise of ransomware-as-a-service (RaaS) and mainstream access to Bitcoin. Another reason might simply be that as cybersecurity teams made it difficult for cyber criminals to make money in other ways, they had to look for a new paycheck.

Exploited Vulnerabilities in SSL/TLS Encryption

While the growth of SSL/TLS encryption is overall a positive trend, we can’t forget that it also offers criminals a prime way to sneak malware through company firewalls, a vulnerability that was exploited 72 percent more often in 2016 than in 2015, according to NSS Labs. The reason this security measure can become an attack vector is that most companies still do not have the right infrastructure in place to perform deep packet inspection (DPI) in order to detect malware hidden inside of SSL/TLS-encrypted web sessions. Companies must protect their networks against this hidden threat by upgrading to next-generation firewalls (NGFWs) that can inspect SSL/TLS traffic without creating performance issues.

IoT Became a New Threat Network

Many people who enjoy using Reddit, Netflix, Twitter or Spotify experienced another of our top threat trends firsthand. In October 2016, cyber criminals turned a massive number of compromised IoT devices into a botnet called Mirai that they then leveraged to mount multiple record-setting distributed denial-of-service (DDoS) attacks. The SonicWall GRID Threat Network found that at the height of the Mirai botnet usage in November 2016, the United States was by far the most targeted, with 70 percent of DDoS attacks aimed at the region, followed by Brazil (14 percent) and India (10 percent). The root cause leading to the Mirai attacks was unquestionably the lax security standards rampant in IoT device manufacturing today. Specifically, these devices do not prompt their owners to change their passwords, which makes them uncommonly vulnerable.

Combatting the New Cyber Threats

It’s worth noting that the technology already exists today to solve many of the new challenges cyber criminals threw at victims in 2016.  SSL/TLS traffic can be inspected for encrypted malware by NGFWs with high-performance SSL/TLS DPI capabilities.  For any type of new advanced threat like ransomware, it’s important to understand that traditional sandboxing solutions will only detect potential threats, but not prevent them. In order to prevent potential breaches, any network sandbox should block traffic until it reaches a verdict before it passes potential malware through to its intended target.  SonicWall’s family of NGFWs with SSL/DPI inspection coupled with the SonicWall Capture multi-engine cloud sandbox service is one approach to provide real-time breach prevention for new threats that emerge in the cybersecurity arms race.

If you’re reading this blog, you’re already taking an important first step toward prevention, as knowledge has always been one of the greatest weapons in the cybersecurity arms race. Take that knowledge and share it by training every team member in your organization on security best practices for email and online usage. Implement the technology you need to protect your network. And most importantly, stay up-to-date on the latest threats and cybersecurity innovations shaping the landscape. If you know where your enemy has been, you have a much better shot of guessing where he’s going.

New SonicWall Email Security 8.2 w. Cyren AV

The foundation of email threat protection has long been anti-virus technology and IP reputation databases. Threat research teams across the globe are hard at work analyzing email, identifying spam and malware, and building anti-virus and IP reputation database libraries to help combat threats. Experts agree that for best threat protection, email security solutions should not rely on a single anti-virus engine or reputation database, but should integrate multiple sources to maximize security effectiveness.

To deliver best-in-class email threat protection, SonicWall Email Security 8.2 includes multiple anti-virus technologies, including SonicWall Global Response Intelligent Defense (GRID) Anti-Virus, SonicWall Time Zero, and premium anti-virus technologies, including McAfee, Kaspersky, and now, Cyren Anti-Virus.

Cyren AV is now included with SonicWall Hosted Email Security and, for customers that prefer an on-prem solution, available with Email Security appliance and software release 8.2, when purchased with the Total Secure subscription service. The SonicWall Email Security offers seamless set-up for IT administrators and provides immediate results.

“Since replacing our Barracuda appliance with SonicWall, we achieved a 95 percent reduction in spam reaching user mailboxes,” saidGary Walker, network administrator, City of Alexandria.

With SonicWall Email Security solutions, our GRID Network performs rigorous testing and evaluation of millions of emails every day, and then reapplies this constantly updated analysis to provide exceptional spam-blocking results and anti-virus and anti-spyware protection.  SonicWall Time Zero Virus Protection uses predictive and responsive technologies to protect organizations from virus infections before anti-virus signature updates are available. Suspect emails are identified and immediately quarantined, safeguarding the network from the time a virus outbreak occurs until the time an anti-virus signature update is available. Moreover, premium anti-virus technology from industry-leading, anti-virus partners including McAfee, Kaspersky, and Cyren provides an additional layer of anti-virus protection, resulting in protection superior to that provided by solutions that rely on a single anti-virus technology. In addition to the multi-layer threat protection and ease of use, the SonicWall solution is affordable and provides low TCO.

“With SonicWall, we have easily saved $30,000, and will save an additional $15,000 each year,” said Walker.

Learn More about SonicWall Email Security

For more information about SonicWall Email Security, please visit our website, refer to the SonicWall Email Security 8.2 release notesor contact a SonicWall representative at 1.888.557.6642, or emailsales@sonicwall.com

Now Available: New SonicWall Email Security eLearning Course

SonicWall SES eLearning course has had a makeover! And how! With recent upgrades to the SonicWall SES product suite, it was only natural that the free, Web-based online training that SonicWall offers to various partner channels would also be revised.

Change needs to beget Changed Content!

The newly launched course contains up-to-date information on SonicWall ‘s SES product suite, challenging quizzes, engaging instructional strategies modeled with a constructivist approach, a new course template, colorful and animated screens and smaller course segments to accommodate busy schedules! The course harmonizes various knowledge levels and seeks to provide an enhanced learning experience around the SonicWall SES solution, to supplement the information provided by the product Admin Guide.

Knowledge rests not upon truth alone, but upon error also!

This free, self-paced training instructs you on how to deploy, configure, and maintain the SonicWall Email Security (SES) solution to meet email security and compliance requirements. The Web-based course prepares the students for their CSSA Level Certification exam. All 11 modules of this course are interspersed with challenging quizzes and knowledge checks modeled along Kirkpatrick’s evaluation principles and procedures to integrate learning, behavior, and results.

These knowledge checks have been deliberately left ungraded because their primary purpose is to help you revisit, analyze, or explore a concept based on any prior knowledge or experience in the email security domain. Detailed and analytical feedback is provided to you for most of the quizzes.

The new SonicWall SES course includes behaviorist-oriented, pre-instructional strategies, such as stimulating recall of prerequisites. It also follows a constructivist approach to non-graded quizzes and knowledge checks that provide opportunities for the learners to reflect upon and articulate what they learned using analytical or holistic rubrics.

There are things known, and there are things unknown. And in between are the doors!

The mainstay of the course is that the revised content came straight from the horse’s mouth, figuratively speaking! The subject matter expertise for the content originated not from the product engineers, but from the folks in the middle of all action, at the vanguards of the battle lines, at…, well, you get the idea! We are referring to none other than the omniscient Tech Support folks that provide solutions to any issues you might ever face with your SonicWall SES application. Their repertoire of case studies drawn from real-life customer stories and experiences was the source of much of the course content and helped make it as contextual and real-life as possible.

Knowledge is of two kinds; We know a subject ourselves, or we know where we can find information about it.

Let’s just summarize by stating that the new SonicWall Email Security course is dynamic, right-sized, collaborative, personalized, comprehensive and ““ best of all ““ free! So check it out and send us your feedback.