Endpoint protection has been a cyber security standard for years. But during RSA Conference 2018 at the Moscone Center, it’s clear that it remains a core security challenge for many organizations. Likewise, many cyber security vendors are offering new and better ways to protect endpoints. While technology for machine learning, artificial intelligence, cloud and application security all still had their place in the RSA speaking sessions, a new era of endpoint protection that’s connected, transparent and easy to manage was on display.
In preparation for the upcoming publication of the 2018 Annual SonicWall Threat Report, we’re busy reviewing and analyzing data trends identified by SonicWall Capture Labs over the course of 2017. The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from more than 1 million sensors around the world, performs rigorous testing and evaluation, establishes reputation scores for email senders and content, and identifies new threats in real-time.
History is full of people who’ve labored over missed opportunities. Like all other non-bitcoin-owning people, I am one of them. I first heard of cryptocurrency in early 2013 and scoffed at the idea that something with no intrinsic or collectable value would trade for $20. The concept of owning a portion of a cryptographic code — and it having actual value — is still hard for many to swallow.
Now that Halloween is over and your coworkers are bringing in the extra candy they don’t want, let’s look back at the last quarter’s results from SonicWall Capture Advanced Threat Protection (ATP) network sandbox service. Grab the candy corn and let’s crunch some data. Note: terms in italics below are defined in the glossary at the bottom to help newbies.
Last month, I wrote how we found nearly 26,500 new forms of malware and shared some general stats. Let’s take a look at the new threats found by SonicWall’s network sandbox, Capture Advanced Threat Protection (ATP). While the general number of new threats dropped, there were some interesting figures and trends to point out.
What Is Bad Rabbit Ransomware? On Tuesday, Oct. 24, a new strain of ransomware named Bad Rabbit appeared in Russia and the Ukraine and spread throughout the day. It was first found after attacking Russian media outlets and large organizations in the Ukraine, and has found its way into Western Europe and the United States.
It was a Tuesday afternoon. Liz, a local attorney with 26 years of experience, had given up. She was easily over 20 hours into trying to free her computer, with all of her files, from a ransomware attack. She had just spent a few thousand dollars on a local IT team to break the encryption and remove the malware.
If anyone ever needs proof of how effective SonicWall Capture Labs is, look back to the WannaCry ransomware attack in May 2017, and just last week the NotPetya malware. In contrast to over 250,000 endpoints compromised in over 150 countries, SonicWall customers with active security subscriptions were largely unaffected. Why were they unaffected?
Will you be ransomware’s next victim? Can ransomware encrypt your data and hold it hostage until you pay a ransom? Organizations large and small across industries and around the globe are at risk of a ransomware attack. The media mostly reports attacks at large institutions, such as the Hollywood Hospital that suffered over a week offline in 2016 after a ransomware attack encrypted files and demanded ransom to decrypt the data.
Business models always have to tackle the method of distribution: will they sell directly, through a channel of distributors, or a mix of both? The same is true of ransomware developers. Many are electing to take their successful code and sell it as a kit, which eliminates many risks and the hard work of distribution, all the while collecting a cut of the prize.