Latest News

Recognizing 2022 World Password Day, here are four countermeasures to keep you safe from malware and ransomware. Time to level up!

You are not paranoid; cybercriminals really are trying to hack your security and steal your information. And the proof is in the numbers.

According to the 2022 SonicWall Cyber Threat Report, there were 623 million ransomware attacks globally, a 105% increase over 2020. There was also a sharp triple-digit increase in encrypted threats, rising to an astounding 10 million attacks. And as if you didn’t have enough to worry about, cryptojacking is on an upswing with 97 million incidents recorded, a 19% increase year-over-year.

Some people may choose to ignore the data and throw caution to the wind. If they’re lucky, a hack will be a minor inconvenience, and their anti-virus software will stop the malware before it can cause serious damage. However, if they’re among the growing thousands of victims each year, hackers will force them to pay a ransom for their precious data, steal their identity or just wipe out their devices completely.

And you wonder, what could be worse?

One hack of a single individual can lead to a cascade of hacks and much larger problems. For instance, hackers can break into your personal computer without you knowing it, add malware to one of your devices that unpacks wherever you go, bypassing firewalls and other security, straight into your home network, friend’s home, the library, and your workplace.

We all could stand to be a little more careful. A “cybersecure mindset” protects you, your devices, and your data and everywhere you connect your devices. So, when we say, “Be Cyber Smart and Lock It Down,” what we mean is taking personal responsibility for not only how you connect but also actions you take to keep yourself secure.

Here are FOUR COUNTERMEASURES that everyone can use to level up and lock it down:

1. PROTECT yourself.

Start with passwords and lockdown your devices, software and information with strong ones that protect you from becoming an easy hack. There are some basic rules for good passwords. The first is the length – a minimum of 14 characters but 16 is better, with a mix of uppercase and lowercase letters, plus numbers: security experts recommend at least 4 non-repeating numbers. And don’t forget symbols (ex: @ # $), at least one but two is better. Check with your service provider; they may have specific requirements like the length and number, and type of symbols. One very important rule: ensure that your passwords are unique for each use. Avoid obvious sources like your address, recognizable names, dates, and phone numbers. Avoid any information that someone may learn by reading your social media profiles. Another important rule, USE YOUR PASSWORDS and turn on two-step authentication (2FA) wherever you can. Many phones allow biometric recognition to validate you and simplify logging in for each access. There’s more to know about passwords, check out this article we found from Help Net Security.

2. PROTECT your personal identification.

Privacy is a matter of personal choice. We want to open some things for the sake of convenience (shopping and health apps, for instance). However, the privacy settings you set on your devices and apps could also open you up to hacks. Being “smart” about your cybersecurity means knowing how hackers attack devices and steal information from open apps. It also means being aware of where your personal information winds up. Security experts recommend that you set your privacy settings based on actual need for specific tasks. For instance, change your privacy settings when conditions change, like when traveling or using public networks (e.g., coffee shop Wi-Fi, more on that later).

3. PROTECT your data.

Maybe it seems obvious, but your data (photos, reports, accounting, proprietary documents) are your most vulnerable possessions. We also want to take extra care of our social security numbers, bank accounts, and credit card numbers. And all of that is at risk when we leave it in open apps (no password) or send it on unencrypted emails. So please keep it safe and LOCK IT DOWN! And be very wary of phishing campaigns. Hackers use any means they can to break into your devices and network. For example, they’ll spoof organizations you trust, friends, family members, co-workers, or even your boss. Phishing messages can come by email or phone text. Some of these messages look very authentic. We’ll go into more detail about how to detect phishing messages in another post, but you can make a personal policy to never share private information via email or text with anyone.

4. PROTECT your devices.

If you didn’t know already, public Wi-Fi hotspots are not secure. Unfortunately, that means the public hotspots at your favourite coffee shop, restaurants, shopping malls, libraries, and especially airports. With minimal knowledge and equipment, hackers can scan unencrypted data streams that contain passwords and account information that you send and receive. Several years ago, scammers took it further and created elaborate spoof Wi-Fi networks with name and branding marks similar to what people expected. However, there are several things you can do to lock it down:

• Turn off the Wi-Fi auto-connect feature on your devices. Turn it back on when you need it and choose the networks you want to use.
• Use secure wireless networks that have WPA or WPA2 password protection. Unfortunately, these are uncommon for places like the local coffee shop or the airport, so they may be challenging to find.
• Install mobile security software with malware and virus detection for laptops, pads, and phones. You may also install a VPN (a virtual private network) that encrypts your data stream even if the Wi-Fi network does not.

Do what it takes to adopt a Cybersecure Mindset.

Remember that when it comes to cybersecurity, the human element can be the strongest or weakest point in the armor.

Human behavior is without doubt the biggest culprit in IT security incidents. This is evident in email phishing. It deceives people into clicking on malicious links or attachments. This makes it difficult to distinguish between legitimate emails and potential threats. According to a study by Myers-Briggs, a research company based in the UK, 80% of companies believe human factors, such as mistakes or leniency with login security, are a major cause of cybersecurity risk. Therefore, it is vital that we do what it takes to adopt a ‘cybersecure mindset’ to protect our homes, communities and our workplaces.

Being aware is not being paranoid; it recognizes that cybercriminals really are trying to hack our security, steal our property, and do us great damage.

#BeCyberSmart

Introduction: 2021: A Turning Point in the War on Ransomware

Five years ago, a debate erupted surrounding the infamous NotPetya cyberattack: Did it constitute an act of war?

This issue continued to be debated in the courts throughout 2021, but on the battlefields of business networks around the world, cybercriminals were launching a full-bore offensive.

Ransomware climbed an unprecedented 105% in 2021, and the explosive growth of strategies such as double and even triple extortion ensured that these attacks were more successful than ever. But as cybercriminals have grown more sophisticated and successful, they’ve also grown more ruthless — many of the high-profile ransomware attacks in 2021 looked more like acts of war than ever before, endangering our food supply, our water supply, our fuel supply, our hospitals and our municipalities.

That the courts ultimately decided cyberattacks such as NotPetya do not, in fact, constitute acts of war is irrelevant: Fed up with cybercriminals growing rich off their constituents, leaders around the world — from the local level to the international stage — have brought the war to them.

The UN Cybersecurity Open-Ended Working Group in March 2021 endorsed a report containing cybersecurity recommendations, the first time that a process open to all countries has resulted in consensus on international cybersecurity.

In May 2021, U.S. President Joe Biden issued a sweeping executive order on cybersecurity, which unifies cybersecurity standards across government agencies, emphasizes zero-trust principles and provides specific timelines for action.

In July, INTERPOL held its forum on ransomware. Advising that effectively preventing and disrupting ransomware would require “adopting the same international collaboration used to fight terrorism, human trafficking or mafia groups,” the group called for police agencies worldwide to form a global coalition with industry partners to stop ransomware’s exponential growth.

But perhaps the biggest testament to the threat ransomware poses to national security is the involvement of the U.S. military. In an interview with The New York Times, U.S. Cyber Command head Gen. Paul M. Nakasone explained that, while he once saw ransomware as the responsibility of law enforcement, attacks such as Colonial Pipeline and JBS represented a big enough threat to the nation’s critical infrastructure to warrant a more aggressive approach.

But this approach likely won’t include boots on the ground — an option that proves challenging given that a vast majority of these ransomware operators are in other countries, most of which are not U.S. allies and tend to only go after cybercriminals when it serves their agenda.

While high-profile arrests of cybercriminals continue, such as the REvil takedown in early 2022, they have been largely ineffective in stemming the tide of ransomware itself. The amount of time and resources required for each bust means that the criminal justice system is unable to keep up with the huge number of ransomware operators. And due to the lucrative nature of ransomware, as soon as one group is taken down, new ones rise to fill the void.

Instead, this approach will look a lot like their most ruthless attacks on civilians: a direct assault on their infrastructure. Pressure on the U.S. government to deploy intelligence and military solutions to attack the servers, networks and more used for cybercrime, dissemination of stolen data on the dark web and storing cryptocurrency payments is growing.

While he refrained from giving details, Nakasone confirmed that the military has taken an offensive stance against ransomware groups. One known example is when Cyber Command assisted in the recovery of millions in ransom that Colonial Pipeline paid to attackers.

Though recoveries such as this have historically been rare, this may be the first in an emerging trend. A major factor credited in this recovery is the work of a recently formed Ransomware and Digital Extortion Task Force. In an interview with Reuters, a senior U.S. DOJ official said the formation of this task force “elevates investigations of ransomware attacks to a similar priority as terrorism.”

As the amount of media attention and government involvement in the wake of high-profile attacks increases, these groups have grown wary, with many laying low or disappearing altogether. This could lead to groups lowering ransom demands in hopes of flying under the radar and continuing to hack another day — which could contribute to fewer attacks if success no longer means netting a life-changing fortune for the entire syndicate.

In other words, in the end, the most lethal shots to ransomware may well be the ones that hit where it hurts most: the wallet.

Read the full 66 page report here: https://www.sonicwall.com/medialibrary/en/white-pa...

• National Cyber Security Centre (NCSC) explains the logic behind its long-standing password advice for the first time
• Using three random words is more secure than traditional advice built around ‘password complexity’, experts argue
• Approach allows creation of passwords to ‘keep the bad guys out’ whilst remaining easy to remember

Cyber security experts have today (Friday) revealed in depth for the first time the logic behind their advice to use three random words when creating passwords.

In a new blog post, experts at the National Cyber Security Centre (NCSC) – which is a part of GCHQ – said a key reason for using three random words is they create a password which is easy to remember and strong enough to keep online accounts secure from cyber criminals.

The blog post noted that using three random words to coin a password is more effective than traditional advice to create complex passwords, which can be difficult to remember and yet guessable for criminals.

Other reasons for choosing the three random words approach were:

• Length. Passwords made from multiple words will generally be longer than passwords made from a single word and therefore meet minimum length requirements.
• Impact. 'Three random words' contains all the essential information in the title, and can be quickly explained, even to those who don't consider themselves computer experts.
• Novelty. A password containing multiple words encourages a range of passwords that have not previously been considered.
• Usability. It’s easier for users to enter a three random word password than one which contains a complex range of characters.

NCSC Technical Director Dr Ian Levy, said:

“Traditional password advice telling us to remember multiple complex passwords is simply daft.

“There are several good reasons why we decided on the three random words approach – not least because they create passwords which are both strong and easier to remember.

“By following this advice, people will be much less vulnerable to cyber criminals, and I'd encourage people to think about the passwords they use on their important accounts, and consider a password manager.”

Rocio Concha, Which? Director of Policy and Advocacy, said:

“Ensuring you use strong yet memorable passwords online and with smart products is more important than ever – our research has repeatedly highlighted poor security practices in a range of connected devices, from routers and wireless cameras to apps.

“There’s a reason why new legislation announced by the government to improve standards for smart devices includes a ban on generic default passwords – these can make it easy for hackers to take control of devices or even your home network.

“Strong passwords can stop cyber criminals in their tracks, and we’d urge everyone to ensure they adopt good practice to safeguard their data and privacy.”

Creating passwords using three random words is one of the six key steps recommended by the cross government Cyber Aware campaign to protect accounts and devices from most cyber crime. More information can be found at cyberaware.gov.uk.

No matter how complex, every business and network must be protected from vulnerabilities, cyber threats and attacks as soon as they occur, not minutes, hours, or days afterwards.

To find the right firewall for you and your business’s network, call our team today on 0330 1340 230 or email enquiries@sonicwall-sales.com.

While the internet offers us a wealth of incredible information and advice, you’ll find there are so many online security myths out there today. When you start to believe these myths, you put your business and systems at risk. Today we’re here to debunk some of the top myths our team of SonicWall Sales experts has seen over the years. We’ll put your mind at rest and help you find the best SonicWall firewall solution to fit your business needs.

These are just five of the top online security myths we are constantly hearing today. If you have thought one of these myths is true for a while now, it’s time to start protecting your systems from potential attacks. With options on offer for companies of any size, it’s never too late to start protecting your work further. For more information about using a SonicWall firewall and how it can help your company, contact us today to discuss these security solutions with our team.

Endpoint protection is an approach to computer protection where computer networks are remotely bridged to client devices. With this type of security, you’ll find that there are many benefits to your business. With more concerns coming up each year surrounding computer security, we highly recommend taking the time to consider what the best option for protecting your business next year is. These are just a few of the reasons to consider endpoint protection with the help of a SonicWall firewall this year.

As a business owner, looking after your computer systems should be one of your top priorities at all times. We highly encourage you to think about how you can protect your systems moving forward and ensure you put the needs of your business first at all times. With technology constantly changing, you need to think about looking after your business for many years to come, as there are always new threats out there to contend with. We recommend contacting our team today if you are looking for a SonicWall firewall so that we can discuss the best options for your needs. Our friendly team will be here to help with your endpoint protection and allow you to enjoy all of the benefits we’ve shared above.

For anyone who is familiar with SonicWall firewalls, you might have heard about the new SonicWall TZ firewall. This is one of the most exciting additions to their product range, and our SonicWall support team is thrilled to share more about this solution with you today. Let’s take a look at some of the top reasons you should upgrade to this latest product this year.

These are just a few of the top reasons that we recommend anyone upgrades to the SonicWall TZ firewall this year. You’ll find that it’s a good solution for businesses of any shape and size, and our team will be here to ensure that you are fully protected for many years to come. If you have further questions about finding the right firewall for your business, contact our team today. We’ll discuss the solutions that are currently on offer for your business and help to match you with the right one to protect you and your team regardless of what industry you are operating in.

If you’ve been using a SonicWall firewall for some time now, you no doubt wonder who first came up with this excellent security solution. The firewall is one of the best things to happen to businesses. Of course, as with any incredible invention, many people claim they are the father of the firewall. Keep reading as we head back in time to learn who invented the firewall.

There’s no clear answer to the question of who invented the firewall, but it appears to be a joint effort that brought us to where we are today. While we’re sure many people would like to claim the title of the father of the firewall, it’s important that we realise that so much time and technology went into protecting our businesses today. No business should be operating without a firewall, as it’s one of the best solutions for businesses working online. Are you ready to upgrade your firewall solution this year? Contact our team today or check our page for more information about the best firewall options for your business.

Read the next blog: The Top Online Security Myths

This is an announcement from SonicWall on Monday 1st November 2021

Why is SonicWall increasing prices?
Like every business in nearly every industry, SonicWall is not immune to global supply-chain challenges. To date, we’ve worked tirelessly to absorb industry-wide cost increases for our distributors and partners as component constraints, staffing shortages and shipping challenges continue to impact the global economy.

Is this a temporary price increase?
No, this is not temporary. Like every other security vender, SonicWall continues to see increased hardware, services, support and logistics costs, including a 700% increase in shipping container costs; 400% increase in chip costs; 1500% increase in memory costs; 400% increase in air freight costs; and 12-plus weeks for door-to-door ocean freight deliveries.

When will my distributor have new pricing?
SonicWall distributors will have new pricing available on December 1, 2021.

How do I find my new prices?
Contact your distributor on or after December 1, 2021.

Does this increase apply to all products?
While we routinely evaluate cost structures, this announcement only applies to Gen 7 firewalls (e.g., TZ, NSa, NSsp) and services for those products.

Why are services included in the price increase?
Service SKUs also include hardware costs, so services also are impacted by the same supply-chain challenges. To offset some of these increases, SonicWall is evenly distributing increases across the entire Gen 7 portfolio.

Cloud security is something almost any business needs to pay more attention to in this day and age. If you haven’t taken the time to think about the cloud and the security solutions you need for your business, we encourage you to keep reading as we share the best practices for cloud security. SonicWall firewalls software is one of the best solutions for cloud security, and we’d highly encourage you to invest in this solution to protect your business in the future.

Cyberattacks are continuing to increase in regularity following the recent pandemic. With criminals finding new ways to attack businesses, you need to ensure you are doing everything in your power to protect yourself this year. Contact our team today for more information about how SonicWall firewalls can help to protect your business. It’s never too late to start making changes to the way you operate. By following the best practices for cloud security we shared above, you can protect yourself and your employees for many years to come.