Cybersecurity has dominated our conversation for the past year, and a report from SonicWall, which provides security tools worldwide for everything from networks to email, shows where we’re making progress and where new threats lie.
First, the good news. In data gathered in the past year from the SonicWall Global Response Intelligent Defense (GRID) Network, the good guys and the bad guys made advances. The most notable of the advances the company found were:
- The number of new POS (point of sale – mostly credit and debit cards) malware variants decreased by 88 percent since 2015
- SSL and TLS encrypted traffic increased 34 percent year-over-year
- Major exploit kits Angler, Nuclear and Neutrino disappeared
- Unique malware attack attempts dropped to 7.87 billion from 8.19 billion in 2015
On the other hand:
- Ransomware attacks grew 167x from 2014 to 2016 to an astounding 638 million attacks during the year
- SSL/TLS encrypted malware was exploited 72 percent more often in 2016 than in 2015
- Internet of Things (IoT) devices were compromised to launch record-setting DDoS attacks
- Despite significant efforts by Google to patch vulnerabilities, Android continued to be exploited by cyber criminals
SonicWall notes that the technology to solve many of the new challenges cyber criminals threw at victims in 2016 already exists. SSL/TLS traffic can be inspected for encrypted malware by NGFWs (next-generation firewalls), which are hardware- or software-based network security systems that detect and block sophisticated attacks by enforcing security policies at various levels. For any type of new advanced threat like ransomware, it’s important to understand that all network-based solutions should hold network traffic until a safe verdict is reached, and only then pass that traffic through to the intended recipient.
In 2017, there are two areas where SonicWall joins us in telling you to be particularly on guard: ransomware and the Internet of Things (IoT).
Companies in the United Kingdom were 3x more likely to suffer ransomware attacks than those in the United States, but don’t breathe easy. The US experienced the highest number of ransomware attacks in 2016 because of its large volume of business. While we as individuals and small businesses depend on companies like SonicWall to provide the tools to detect and stop ransomware, we need to follow strict security procedures – all of which should be well-known to us by now:
- Install updates for all of your software, both operating systems and apps. They contain the security patches and bug fixes that shore up the breaches in your systems.
- Be extremely careful about the emails you open and the links you click.
- Back up your data continuously to a system that is either not always online or that uses authentication. This will help ensure that you don’t accidentally revert to an encrypted backup if you’re hit.
The IoT has been massively compromised because of poorly designed security systems by device manufacturers. To protect yourself, SonicWall reminds you to make sure your devices are behind next-generation firewalls that scan for IoT-specific malware and that you segregate IoT devices into a separate zone to make sure they don’t affect the rest of your network if they’re compromised. To that, we add that you immediately change user names and passwords – and that you make those passwords strong. Some 70 percent of IoT breaches worldwide are in the US.
More protection was made available for Android mobile phones and devices, but they still remain vulnerable to overlay attacks. SonicWall recommends that companies using Android devices keep the option to “install applications from unknown sources” unchecked and both options to “verify applications” checked. They also recommend you avoid rooting and that you install anti-virus and other mobile security apps – and that you enable “remote wipe” in case your device is stolen or compromised with ransomware.
If you’re interested in a deeper dive and more technical explanations, we invite you to read SonicWall’s whitepaper on cybersecurity.
We can help you with a cybersecurity audit for your office or home and for all mobile devices. Call us – 973-433-6676 – or email us for an appointment.