As predicted, cyber-attacks are rising just as the Ukrainian crisis heats up. As a result, news organizations worldwide are quoting the 2022 SonicWall Cyber Threat Report, topping the best first-day launch in the report’s history. The report found itself in the pages of notable publications like The Seattle Times, The Register, The Telegraph, ZDNet, and The Express. In industry news, turmoil in Ukraine highlights a new round of “wiper” attacks. Ukraine also took the unusual step of asking for the hacker underworld to help protect their infrastructure. Also, as it turns out, cybersecurity burnout is a real thing now, Iranian hackers are stealing passwords, and a cyber firm in Beijing says a US hacker group is targeting research organizations in India, Russia, and China.
SonicWall News
The Register: Bill Conner, CEO of firewall firm SonicWall, told The Register: “Cyberattacks can be leveraged to cause financial loss, create disruption and misdirection, and in extreme cases take down critical infrastructure. Those are key ingredients for causing unrest in any situation, regardless of the parties involved.”
The Telegraph (UK): Cyberattacks could be used as a “key ingredient” to prompt unrest amid the current diplomatic crisis around the escalating situation in Ukraine, a former adviser to GCHQ has said. Bill Conner, the SonicWall chief executive and former advisor to GCHQ, said such activity can be leveraged to “cause financial loss, create disruption and misdirection, and in extreme cases take down critical infrastructure.”
Continuity Central: SonicWall has released its 2022 Cyber Threat Report. This details a sustained surge in ransomware with 623.3 million attacks globally. Additionally, nearly all monitored threats, cyber-attacks and malicious digital assaults rose in 2021, including ransomware, encrypted threats, IoT malware, and cryptojacking.
Tech Target: Cybercriminals are becoming bolder and more prolific in developing and deploying ransomware attacks. According to researchers at SonicWall, who said in its annual threat report that ransomware attacks over the last year have grown by an eye-watering 105%, with 20 attacks being attempted every second.
Ele Times (India): SonicWall, the publisher of the world’s most quoted ransomware threat intelligence, today released the 2022 SonicWall Cyber Threat Report. The bi-annual report details a sustained meteoric rise in ransomware with 623.3 million attacks globally. Nearly all monitored threats, cyberattacks and malicious digital assaults rose in 2021, including ransomware, encrypted threats, IoT malware and cryptojacking.
DC Velocity: Business leaders are worried about the growing volume of malicious attacks on IT networks, and are especially concerned about supply chain vulnerability in 2022, according to a report from cybersecurity firm SonicWall, released this month. The company’s 2022 Cyber Threat Report tracked a 232% increase in ransomware globally since 2019 and a 105% increase from 2020 to 2021. Ransomware is malware that uses encryption to hold a person or organization’s data captive, so they cannot access files, databases, or applications. According to the report, such attacks in the US were up 98% last year and up 227% in the UK.
ZDNet: With over 33 million intrusion attempts in 2021, Brazil is only behind the US, Germany and the UK in terms of ransomware attacks, according to a cyber threats report released by SonicWall. In 2020, Brazil ranked ninth in the same ranking, with 3,8 million ransomware attacks. According to the SonicWall report, Brazil stands out regarding the number of malware attacks. In this category, attacks in Brazil increased over 61% in 2021, with 210 million attacks in 2021, compared to approximately 130 million seen in the prior year.
Seattle Times: According to an annual report from internet security company SonicWall, ransomware volume increased 232% in the last two years. It reported there were more than 623 million ransomware attacks in 2021. SonicWall found that new types of malware detected also increased 65% year over year.
The Chronicle: As major American businesses prepare for possible Russian-led cyberattacks, some Northwest information security experts raise the alarm while others argue many companies are already prepared. According to a new report from SonicWall, ransomware volume increased 232% in the last two years. The annual report also reported more than 623 million ransomware attacks in 2021. In addition, new types of malware detected also increased 65% year over year.
National Cyber Security Center (UK): Ransomware attacks more than doubled in 2021. According to an analysis by researchers at SonicWall, the volume of ransomware attacks rose by 105% in the last year. A total of 623.3 million attempted incidents were recorded in 2021.
Venture Beat: The report comes after several major cybersecurity firms had released data on just how bad things got last year when it came to cyberattacks. For instance, SonicWall reported that the total number of ransomware attacks more than doubled in 2021 — jumping 105% during the year compared to 2020. CrowdStrike, meanwhile, disclosed that data leaks related to ransomware surged 82% in 2021, while the average ransom demand grew 36% to $6.1 million.
Daily Express (UK): A new form of cybercrime, which sees hackers hijack online devices to steal and mine crypto, has become increasingly common worldwide. According to SonicWall, global crypto-jacking crimes rose by almost one-fifth to 91.7 million cases. In the UK, attacks have skyrocketed by 564 percent, rising from less than 66,000 in 2020 to over 436,000 in 2021.
Industry News
Security Intelligence: IBM’s Security X-Force reported a wiper malware — a destructive family of malware designed to permanently destroy data from the target — executing on systems belonging to Ukrainian organizations. Analysts obtained a sample of the wiper named HermeticWiper. It uses a benign partition manager driver (a copy of empntdrv.sys) to perform its wiping capabilities corrupting all available physical drives’ Master Boot Record (MBR), partition, and file system (FAT or NTFS). This is not the first wiper malware targeting Ukrainian organizations X-Force has analyzed. For example, in January 2022, X-Force analyzed the WhisperGate malware and did not identify any code overlaps between WhisperGate and HermeticWiper. Several other outlets also reported and expanded this story, including The Guardian, Help Net Security, BBC, and ZDNet.
Reuters: Top Ukraine security officials in the Republic of Korea (South Korea) said on Friday that his country is requesting Seoul’s assistance in boosting its cybersecurity capability to defend against Russian attacks. As missiles pounded the Ukrainian capital and Russian forces pressed their advance after launching attacks on Thursday, Kyiv asked for more help from the international community. Dmytro Ponomarenko, Ukraine’s ambassador-designate to South Korea, said the websites of the country’s governmental institutions were suffering from Russian attacks. A global cybersecurity firm has also noted that a newly discovered piece of destructive software circulated in Ukraine and has hit hundreds of computers, part of what was deemed an intensifying wave of hacks aimed at the country. Reuters also reports that Ukraine has also asked for help from the hacker underground community to protect critical infrastructure and conduct cyber spying missions against Russian troops, according to two people involved in the project.
ABC News (Australia): Hacker collective Anonymous has disabled several Russian government websites, including the state-controlled Russia Today news service. They had launched cyber operations that briefly took down Russia Today (RT.com) and the websites of the Kremlin, the Russian government, and the Russian defense ministry websites. Russia Today confirmed the attack, saying it slowed some websites down while taking others offline for “extended periods of time.” According to the news outlet, Russia Today’s coverage of the situation in Ukraine has been overwhelmingly from a pro-Russian perspective, showing fireworks and cheerful celebrations in the newly occupied territories.
ZDNet: Employers are already facing something of a dilemma when it comes to cybersecurity in 2022. Not only is the number of attempted cyberattacks escalating worldwide, but employers face the added pressure of a tightening hiring market and record levels of resignations that are also affecting the tech industry. The talent battle has already hit cybersecurity particularly hard. According to a survey of more than 500 IT decision-makers by threat intelligence company ThreatConnect, 50% of private sector businesses already have gaps in their company’s fundamental, technical IT security skills. What’s more, 32% of IT managers and 25% of IT directors are considering quitting their jobs in the next six months – leaving employers open to a cacophony of issues across hiring, management, and IT security. And as ZDNet observes, cybersecurity is challenging work, so beware of staff burnout.
Fortune Magazine: Russia is home to some of the world’s most infamous criminal hackers, some of them state-sponsored, so are broader and stronger cyberattacks coming? And could they hit the West? “I think the risk right now is high and rising,” said Derek Vadala, chief risk officer at the US cyber risk rating firm BitSight. He warned that Western companies should ensure their systems are patched against known vulnerabilities. The UK’s National Cyber Security Centre, a division of the GCHQ spy agency, advised Tuesday that British organizations should “bolster their online defenses” as “there has been a historical pattern of cyberattacks on Ukraine with international consequences.” THIS WEEK, the US Department of Homeland Security also launched a “shields up” drive for critical infrastructure against possible Russian actions. They also warned that all US companies are at risk.
ZDNet: Hackers linked to the Iranian Ministry of Intelligence and Security are exploiting a range of vulnerabilities to conduct cyber espionage and other malicious attacks against organizations worldwide, a joint alert by US and UK authorities has warned. The advisory issued by the FBI, CISA, the US Cyber Command Cyber National Mission Force (CNMF), and the United Kingdom’s National Cyber Security Centre (NCSC) says an Iranian government-sponsored advanced hacking operation known as MuddyWater is going after a wide range of targets.
The Hindu (India): A new report from a Beijing-based cybersecurity firm said hackers linked with the US National Security Agency (NSA) were found to have inserted “covert backdoors” that may have given them access to sensitive information in dozens of countries, including India, Russia, China and Japan. Among the reportedly compromised websites listed in the report were those linked to one of India’s top microbial research labs —the Institute of Microbial Technology (IMTech) under the Council of Scientific & Industrial Research — as well as the Indian Academy of Sciences in Bengaluru. In addition, websites linked to the Banaras Hindu University were also hacked into. The Beijing-based cybersecurity firm Pangu Lab released a technical report explaining how it had found the backdoors and attached it to “unique identifiers in the operating manuals of the NSA” that had come to light in the 2013 leak of NSA files by insiders.
In Case You Missed It
