Cybersecurity News & Trends – 08-11-2023
It’s the middle of August, and SonicWall is having another excellent month. Be sure to check out the Mid-Year 2023 Cyber Threat Report for the latest must-know data and trends in the cybersecurity space.
In industry news, Dark Reading covered the recent rise in ransomware’s victim count. Data Breach Today provided details on a dangerous data leak with the police in Northern Ireland. Bleeping Computer had the lowdown on Missouri’s Medicaid data breach. Hacker News reported on a massive exposure of U.K. voter data.
Remember to keep your passwords close and your eyes peeled – cybersecurity is everyone’s responsibility.
SonicWall News
SonicWall Promotes Michelle Ragusa-McBain To Global Channel Chief
CRN, SonicWall News: SonicWall has promoted Michelle Ragusa-McBain to head its sizable global partner organization, just months after hiring the channel veteran as its North America channel chief. Looking ahead, SonicWall is planning to roll out a “soft launch” of its revamped SecureFirst Partner Program in September, with a full global launch of the new program planned for February 2024, Ragusa-McBain told CRN.
SonicWall Promotes Cisco Vet to Global Channel Leader
Channel Futures, SonicWall News: SonicWall has promoted Michelle Ragusa-McBain to vice president and global channel leader. She joined SonicWall as vice president and North America channel leader in May. A key theme for SonicWall’s channel strategy is embracing an outside-in approach to crafting its strategy and executing with partners. What that means is we’re listening to our partners and customers more than ever before, rather than operating in a vacuum and telling you what you need.
Ransomware Attacks Skyrocket in Q2 2023
Infosecurity Magazine, SonicWall News: “Ransomware attacks surged by 74% in Q2 2023 compared to the first three months of the year, a new report has found.
The 2023 SonicWall Mid-Year Cyber Threat Report observed two “very unbalanced quarters” regarding the volume of ransomware attacks so far this year. SonicWall Capture Labs Threat Researchers recorded 51.2 million attacks in Q1 2023, representing the smallest number of attacks since Q4 2019.”
How Bitcoin Swings Helped Drive an Almost Nine-fold Surge in Cryptojacking Attacks in Europe
DL News, SonicWall News: Cryptojacking attacks skyrocketed when Bitcoin prices fell, and could be the overture to something worse, according to SonicWall researchers. These attacks turn victims’ computers into unknowing crypto mining rigs. Bitcoin reached a $68,000 high in November 2021 before crashing down to as low as just above $16,000 in 2022. It currently hovers around $30,000.
Cryptojacking attacks surge 399% globally as threat actors diversify tactics
ITPro, SonicWall News: Security experts have issued a warning over a significant increase in cryptojacking attacks as threat actors seek to ‘diversify’ their tactics. The volume of cryptojacking attacks surged by 788% in Europe during the first half of the year, with attacks in North America also rising by 345%.
SonicWall: Ransomware Declines Further As Attackers ‘Pivot’ Their Tactics
CRN, SonicWall News: Ransomware continued to lose favor among malicious actors during the first half of 2023, but overall intrusions increased as some attackers switched focus to other types of threats, according to newly released SonicWall data. In the cybersecurity vendor’s report on the first six months of the year, ransomware attack volume dropped 41 percent from the same period a year earlier, the report released Wednesday shows.
Evolving Threats – Evolved Strategy
ITVoice, SonicWall News: The ever-evolving cybersecurity landscape is rapidly changing, and businesses must change with it. The massively expanding, distributed IT reality is creating an unprecedented explosion of exposure points for sophisticated cybercriminals and threat actors to exploit.
Britain’s Biggest Hospital Held To Ransom
Cyber Security Intelligence, SonicWall News: SonicWall expert Spencer Starkey said, “The healthcare sector continues to be a prime target for malicious actors as evidenced by the recent attack on Barts Health NHS Trust. Not only does this attack risk the potential for exposed patient data, but any significant IT issue that halts patient care poses an immediate threat to life.”
Hackers claim breach is the ‘biggest ever’ in NHS history
Silicon Republic, SonicWall News: Spencer Starkey, vice-president of EMEA at cybersecurity company SonicWall, said that the healthcare sector continues to be a “prime target” for hackers globally. “Not only does this attack risk the potential for exposed patient data, but any significant IT issue that halts patient care poses an immediate threat to life,” said Starkey, referring to the Barts Health cyberattack. The ramifications of an attack on the healthcare sector can be disastrous and it’s important to place the utmost amount of time, money and efforts on securing it.
How to Reach Compliance with HIPAA
TrendMicro, SonicWall News: According to the 2022 SonicWall Cyber Threat Report, healthcare continued a large spike in malware in 2021, at 121%, while the largest jump in IoT malware attacks belonged to healthcare, which saw a 71% year-over-year increase. To shed light on the significance malware can carry, it’s important to look at how recent breaches could’ve been circumvented by abiding by the HIPAA rules and safeguards.
Why Attackers Love to Target IoT Devices
VentureBeat, SonicWall News: Malicious objects were blocked on more than 40% of OT systems. SonicWall Capture Labs threat researchers recorded 112.3 million instances of IoT malware in 2022, an 87% increase over 2021.
Industry News
Zero-day Exploits Cause Rise in Ransomware Victims
Between the first quarter of 2022 and the first quarter of 2023, ransomware’s victim count rose by 143%. As noted in the Mid-Year 2023 Cyber Threat Report, ransomware attacks as a whole are down. So why might the number of victims be up? The answer: zero-day exploits. Ransomware attackers are increasingly exploiting zero-day vulnerabilities when choosing their next targets. Researchers found that threat actors are moving away from classic attack methods like phishing and going straight to zero-day exploits, obtained either on the gray market or through in-house development. The Cl0p ransomware gang may be the most notorious example of this. This year alone, they’ve used zero-day exploits against Fortra’s GoAnywhere software and MOVEit’s file transfer tool to break into multiple large companies. Researchers also found that ransomware groups are moving away from encrypting the victim’s data and toward exfiltrating it. Gone are the days when a hacked company could find a way to decrypt its data, leaving the attackers in the dust – with the switch to exfiltration, victims can now either pay up or risk having their data sold on the Dark Web. These are concerning trends, especially when many expect ransomware attack numbers to rebound in the second half of 2023. Robust cybersecurity measures and good cyber hygiene practices are the best ways for organizations to protect themselves from attacks.
Serious Data Mishap Puts Police in Northern Ireland in Danger
The Police Service of Northern Ireland (PSNI) accidentally uploaded to its website earlier this week a spreadsheet containing the first initials, surnames and locations of all officers and staff. The PSNI blamed ‘human error’ for the mistake. The spreadsheet was live on the PSNI website for at least three hours on Tuesday afternoon. Fortunately, the spreadsheet did not include home addresses. PSNI had created the spreadsheet to comply with a freedom of information request, but it’s unclear how it ended up on the website in public view, although an investigation is underway. The historical context of policing in Northern Ireland raises the stakes even higher. Many of the officers and employees hide their employment – some even go so far as to hide it from their families. That means that although the spreadsheet didn’t include home addresses, even the exposure of employees’ names can have serious consequences. In March, the British government sounded the alarm on terrorism in Northern Ireland following an assassination attempt on a police officer. The head of a cybersecurity firm in Dublin called this leak “the most serious breach” he has ever seen. The information exposed in this spreadsheet could be used not just by petty criminals, but by republican paramilitaries to commit acts of terror against officers. The breach could result in numerous members of the PSNI needing to relocate their homes and families.
Missouri Medicaid Data Exposed in IBM MOVEit Breach
Following the Cl0p ransomware gang’s attacks on the MOVEit file transfer tool, Missouri’s Department of Social Services (DSS) has announced that sensitive healthcare information from Missouri’s Medicaid program was exposed. The attack didn’t actually take place on Missouri’s DSS – it was against IBM, which provides data services to the DSS. IBM stated that they’ve been working with the DSS to minimize the damage from this incident. According to the DSS, the exposed information potentially includes names, department client numbers, dates of birth, benefit eligibility and medical claims information. According to Bleeping Computer, only two Social Security Numbers were included in the breach. The Missouri DSS recommended that all involved individuals freeze their credit to prevent fraud.
Voter Data of Over 40 million Exposed in UK Electoral Commission Breach
Voters in the United Kingdom should be wary as the U.K.’s Electoral Commission has announced that they’ve suffered a “complex” cyberattack. The commission identified the incident in October 2022 but noted that the attackers had access to the system since August 2021. With over a year of free rein inside the Commission’s systems, the threat actors had access to the voter data of 40 million people. The only excluded parties are those who registered anonymously or electors registered outside of the U.K. According to Hacker News, the data included names, email addresses, home addresses, phone numbers, personal images and more. As of now, the identity of the attackers is unknown. It’s also unclear why the Commission waited 10 months to disclose this attack. The Commission’s email server was also exposed, which puts anyone who was in contact with the Commission through email at risk. A security watchdog recommended that anyone who has been in contact with the Commission and anyone who registered to vote between 2014 and 2022 should keep a careful eye out for unauthorized use of their personal information.
SonicWall Blog
Why Should You Choose SonicWall’s NSsp Firewalls? – Tiju Cherian
Utilize APIs to Scale Your MySonicWall Operation – Chandan Kumar Singh
First-Half 2023 Threat Intelligence: Tracking Cybercriminals Into the Shadows – Amber Wolff
If It’s Easy, It’s TZ – Tiju Cherian
Sonic Boom: Getting to Know the New SonicWall – Michelle Ragusa-McBain
SonicWall’s Traci McCulley Orr Honored as a Talent100 Leader – Bret Fitzgerald
3 & Free Promotion: How to Upgrade to a Gen 7 NSsp Firewall for Free – Michelle Ragusa-McBain
Monthly Firewall Services Option for Simplicity and Scalability – Sorosh Faqiri
Monitoring and Controlling Internet Usage with Productivity Reports – Ashutosh Maheshwari
SonicWall NSM 2.3.5 Brings Enhanced Alerting Capabilities – Suriti Singh
Is Red/Blue Teaming Right for Your Network? – Stephan Kaiser
NSv Series and Microsoft Azure’s Government Cloud: Strengthening Cloud Security – Tiju Cherian
Four SonicWall Employees Featured on CRN’s 2023 Women of the Channel List – Bret Fitzgerald
NSv Series and AWS GovCloud: Facilitating Government’s Move to the Cloud – Tiju Cherian