LI Tech Advisors Responds To Latest SonicWall Cyber Threat Report 

SonicWall has released their Mid-Year Update: 2021 SonicWall Cyber Threat Report — find out what the experts have to say about it, and what it means for you. 

LI Tech Advisors Responds To Latest SonicWall Cyber Threat Report

SonicWall has released their Mid-Year Update: 2021 SonicWall Cyber Threat Report — find out what the experts have to say about it, and what it means for you.

A recent report by SonicWall offers an informed view of the current cybercrime threat landscape in 2021 — and it doesn’t look good. The many statistics and figures in the report paint a grim picture for small businesses and schools.

Do you know what lessons you should be learning from reports like these?

In order to help you understand the key takeaways from the in-depth research in this report, we’ve gathered key insight from our very own cybersecurity expert,  Anthony Buonaspina (BSEE, BSCS, CPACC), CEO and Founder, LI Tech Advisors.

“Cybersecurity is similar to warfare,” says Anthony. “We ARE at war with cybercriminals, who always seem to find a weakness and exploit it.”

The Growing Threat Of Ransomware

According to this mid-year report from SonicWall on cyber threats, the increase in cyber-attacks on all fronts is increasing at an alarming rate. Over the first half of 2021, cybersecurity experts logged different attack types at the following rates:

  • 2.5 billion malware attacks
  • 32.2 million IoT attacks
  • 304.7 million ransomware attacks

Ransomware is by far the most concerning right now, as the number of attacks has gone up by 150% in comparison to last year.  The main reason for this is it’s the most profitable, accounting for over $6 trillion in illicit gains around the world just this year (according to Cybercrime Magazine). As more and more organizations are having to pay the ransom demanded by attackers, the more incentive these cybercriminal groups have to launch these types of profitable attacks.

Just a few years ago, ransomware wasn’t as big of a concern. While high-profile incidents like the WannaCry attack on the NHS were concerning, they were far and few between. If you had a recent backup of your data in place, you could rely on that to replace your data in the event it was encrypted by ransomware.

Since then, however, the way cybercriminals use ransomware has evolved. They have improved their tactics and capabilities, allowing them to do much more damage, and demand much more money. Characteristics of modern ransomware attacks include:

  • Expanded Timelines: Sophisticated attackers sneak ransomware into a breached network and then lay dormant for weeks or months, ensuring their method of entry isn’t discovered right away. This gives them time to embed themselves, steal data, and more, all before they actually activate the ransomware and infect the systems. Without undertaking extensive forensic processes, an infected business won’t know how far back they need to go to back up their systems. Or, even worse, it will be so far back that they’ve already expunged those backups to make room for more recent versions.
  • Improved Capabilities: Modern forms of ransomware can even target and infect backup hard drives and cloud-based data if the connections are left unsecured. That’s why cybersecurity professionals are now recommending digitally-air-gapped backups as well.

Given the effectiveness of modern ransomware attacks, defensive methods and best practices from just a few years ago are already losing feasibility. According to this SonicWall report “Even if we don’t record a single ransomware attempt in the entire second half (which is irrationally optimistic), 2021 will already go down as the worst year for ransomware SonicWall has ever recorded”.

For the record, however, ransomware attacks will continue at an alarming rate through the remainder of the year. Experts estimate that a ransomware attack will occur every 11 seconds in 2021.

Will Backups Protect You From Ransomware?

Short answer? Not necessarily.

Ransomware groups are now not just encrypting files — they have also found ways to encrypt backups.  That is why some backup solution providers are now offering “air-gapped” or offline backups to protect data from encryption.

However, even with a target organization being able to restore their backups, ransomware groups are now stealing the companies data before encrypting it and holding it hostage until the ransom is paid.  They threaten the company with the release of all their sensitive data and intellectual property online, which carries as much of a threat as encryption. Organizations are then forced to pay the ransom in order to preserve the secrecy of their intellectual property and protect their customers' personally identifiable information.

Education Organizations Are At Especially High Risk Of Attack

This report also sheds light on the increasing rates of cybercrime in our client base —the educational sector. Studies show that education organizations are being targeted at a much higher rate than many other industries.

According to this SonicWall report “By June, government customers were getting hit with roughly 10 times more ransomware attempts than average”, “but in three out of six months during the first half of 2021, education customers saw even more.”

“Based on our experience, most schools are soft targets for cybercriminals since they usually don’t invest enough into the level of security needed to protect their environment,” says Anthony. “The best protection against an attack is taking proactive measures.”

How To Protect Your Organization Against The Rising Tide Of Cybercrime

“It’s a game of measures and countermeasures. For every weakness that a cybercriminal finds, we need to counter it with additional security,” says Anthony. “But, as they say, ‘The Street Always Seems to Find A Way’.”

That’s why you need to remain committed to developing and improving your cybersecurity defense. Here is a list of tips for small businesses and schools to help protect themselves against ransomware cybercrimes and quickly recover if attacked:

  1. Secure Your Hardware: Make sure you are using the latest security patches and complicated passwords are being implemented, and use Two-factor authentication where possible. Also, make sure that you turn on BitLocker device encryption for all your Windows 10 devices and enable remote-wipe any mobile devices that might be lost or stolen in order to protect the data it has access to.
  2. Encrypt And Backup Data: You need to make sure you prevent physical access to sensitive data and also render it useless if it falls into the wrong hands. Data encryption is the best “quick fix” for data breaches. If a data breach should occur, the data would be unusable for unauthorized parties.
  3. Perform A Network Security Scan: You should periodically run a network security scan of your network to see what devices are attached and where security holes may be present.
  4. Train Your Employees: One of the weakest links in your security points is your staff.  Ongoing training is very important to maintain a heightened level of awareness of cyber threats. Invest in a cybersecurity training service that will automatically send out fake phishing attempts to test your employees and train them if they fail.
  5. Invest In Cyber Insurance: Consider investing in business continuity insurance in the event that any of the security measures you have taken fail.  If you fall prey to a ransomware attack, cyber insurance will help you recover by offering financial support to quickly remediate the issue.

You Can’t Ignore Cybercrime And Hope It Goes Away

The cyber threat landscape has continued to evolve and attacks are growing in number and sophistication. On the Internet, all organizations look alike and, big or small — they are as likely to be targeted as not.

It is no longer a random game of chance played by hackers looking to cash in on a few bucks here and there. Cybercrime is big business, with hackers operating with impunity in foreign countries who are more than likely supporting their activities, building an industry that generated massive revenue over the past year.

In summary, there will never be a way to be 100% protected from an attack, or worse, an actual breach. However, by implementing the proper security measures, training, and constant re-evaluation of these security measures, the risk of being infected with ransomware can be dramatically reduced.

Get in touch with the LI Tech Advisors team to discover more about developing a modern ransomware defense.