Since the shocking announcement of serious Meltdown and Spectre vulnerabilities in early 2018, we have yet to hear of a mega-breach that would signal the start of another vicious hacking year. Has it been luck? Are our network security defenses stronger? Or are current hacks hiding their efforts? Whatever the situation, the expectations from lessons learned in historical security events are that hacking tools will evolve and new threat vectors will emerge — year after year.
In preparation for the upcoming publication of the 2018 Annual SonicWall Threat Report, we’re busy reviewing and analyzing data trends identified by SonicWall Capture Labs over the course of 2017. The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from more than 1 million sensors around the world, performs rigorous testing and evaluation, establishes reputation scores for email senders and content, and identifies new threats in real-time.
“Inspect every packet, every time.” This has been my advice to any network admin or business owner for many years. This is equally important with regard to encrypted traffic. Much of the Internet has become encrypted, meaning that it can only be perused and accessed over HTTPS. While this rightly includes traffic such as online banking and financial sites, it also now includes webmail, social media, online streaming video, music and even search engines.
The earliest schemes of cryptography, such as substituting one symbol or character for another or changing the order of characters instead of changing the characters themselves, began thousands of years ago. Since then, various encoding and decoding systems have been developed, based on more complex versions of these techniques, for the fundamental purpose of securing messages sent and received in written or electronic forms for all sorts of real-world applications.
Updated June 28, 2017. As I type this, news reports continue to roll in about the latest massive global ransomware attack. This time, the payload appears to be a ransomware called Petya. SonicWall Capture Labs identified the original Petya variants in 2016. However, this time it appears to be delivered by Eternal Blue, one of the exploits that was leaked from the NSA back in April.
According to ITC (http://www.idtheftcenter.org), data breaches in the US increased 40% in 2016, and through the first four months of 2017 are up an additional 42% over the same period last year. Just over half of all breaches are caused by cyber attacks, defined by ITC as hacking, credit card skimming and phishing.