Updated June 28, 2017 –
As I type this, news reports continue to roll in about yet the latest massive global ransomware attack. This time, the payload appears to be a ransomware called Petya. SonicWall Capture Labs identified the original Petya variants in 2016. However, this time it appears to be delivered by Eternal Blue, one of the exploits that was leaked from the NSA back in April.
Every day our children, teachers and administrators log into the network at school. How can you ensure the data travelling across that network is secure from hidden threats and attacks such as ransomware? With SonicWall next-gen firewalls and DPI SSL inspection technology, IT administrators can find threats hidden in encrypted web traffic that cybercriminals don’t want you to discover across your K-12 network.
I often get asked, “Why should we implement SSL inspection? We just upgraded our security from stateful inspection to deep inspection. If something is encrypted, is it not encrypted for a reason, for being secure?” Let me explain…
Back in the day, network traffic was well behaved. If you were a software vendor and wanted to offer a new application, you had to sign up with IANA and get a reserved port for your application.
According to ITC (http://www.idtheftcenter.org) data breaches in the US increased 40% in 2016, and through the first four months of 2017 are up an additional 42% over the same period last year. Just over half of all breaches are caused by cyber attacks, defined by ITC as hacking, credit card skimming and phishing.
Email has been around since the 1970s. Today, everyone and every business uses email for their communications. To put things in perspective, according to Radicati group – 122 business emails were sent and received per user per day in 2015! That is a lot of email for humans to process without making a bad judgement call.
There is no end to the danger of cyber-criminal activities, as long as there is an underground marketplace that makes it almost impossible for authorities to intervene and enforce law and order. We continue to see our adversaries relentlessly going after money by developing and experimenting with different methods and tools against new and existing vulnerabilities, in preparation for the next phase of their business model.