Firewall News

Top Menu

  • Home
  • Our Blog
  • Contact Us

Main Menu

  • Software Updates
  • Alerts & Bugs
  • Out of the Box
  • Home
  • Our Blog
  • Contact Us

Firewall News

Firewall News

  • Software Updates
    • WatchGuard logo

      TDR 6.0.0 is now integrated into WatchGuard Cloud

      04/01/2021
      0
    • Sophos Logo

      XG Firewall 17.5 MR14 Released

      30/07/2020
      0
    • Sophos Logo

      Sophos Firewall Manager SFM 17.1 MR4 Released

      27/07/2020
      0
    • Sophos Logo

      Sophos Enterprise console - Endpoint Security and Control v10.8.9 for Windows has ...

      16/07/2020
      0
    • Sophos Logo

      Sophos iView v3 MR-2 Released

      07/07/2020
      0
    • Sophos Logo

      SD-RED Firmware 3.0.002 Pattern Update

      06/07/2020
      0
    • Sophos Logo

      XG Firewall 17.5 MR13 Released

      06/07/2020
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for old firmware v17 and v17.1 for XG Firewall

      03/07/2020
      0
    • WatchGuard logo

      Fireware 12.5.4 Now Available

      01/07/2020
      0
  • Alerts & Bugs
    • Sophos Logo

      Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

      29/03/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Updates

      03/03/2022
      0
    • WatchGuard logo

      WatchGuard Support Alert

      23/02/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Reminder

      03/02/2022
      0
    • Sophos Logo

      Sophos: Product Lifecycle Information: Extended Support for Windows 7 and Windows Server ...

      31/01/2022
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for Sophos SSL VPN Client

      29/11/2021
      0
    • WatchGuard logo

      WatchGuard: macOS Monterey 12.0.1 Does Not Support the AuthPoint Logon App

      09/11/2021
      0
    • Sophos Logo

      Sophos UTM Manager (SUM) End of Distribution

      04/11/2021
      0
    • WatchGuard logo

      WatchGuard: End of Sale Notice: AP420

      01/11/2021
      0
  • Out of the Box
    • WatchGuard’s Firebox T80 Earns 5-Star Rating in SC Labs Review

      17/11/2020
      0
    • WatchGuard Wins Big in CRN 2020 Tech Innovator Awards

      16/11/2020
      0
    • Coronavirus scams: what to look for and how to stop them

      02/04/2020
      0
    • Dell SonicWALL TZ 300

      Out the Box - Dell SonicWALL TZ 300

      05/07/2016
      0
    • Dell SonicWALL TZ SOHO

      Out the Box - Dell SonicWALL TZ SOHO

      05/07/2016
      0
    • WatchGuard Firebox T50

      WatchGuard Firebox T50

      31/03/2016
      0
    • WatchGuard Firebox M200

      WatchGuard Firebox M200

      31/03/2016
      0
SonicWALL
Home›Software Updates›SonicWALL›Dell SonicWALL Annual Threat Report 2014

Dell SonicWALL Annual Threat Report 2014

By admin
16/04/2015
2598
0
Share:

Dell report analyzes the most common attacks observed in 2014 and how emergent threats will affect organizations throughout 2015

Research shows a rise in point-of-sale (POS) malware variants and attacks against payment card infrastructures targeting retail organizations

More companies were exposed to attackers hiding in plain sight as a result of SSL/TLS encrypted traffic

Research found a 100 percent increase in attacks against industrial control (SCADA) systems

Dell today announced the results of its annual Threat Report, which leverages research from Dell’s Global Response Intelligence Defense (GRID) network and telemetry data from Dell SonicWALL network traffic to identify emerging threats and equip organizations of all sizes with insights to improve their security posture.

Analyzing Dell data sources and the 2014 threat landscape, this year’s report found a surge in point-of-sale (POS) malware, increased malware traffic within encrypted (https) web protocols, as well as twice the number of attacks on supervisory control and data acquisition (SCADA) systems over 2013. The Dell Security Threat Report aims to equip organizations with practical, evidence-based advice to help them more effectively prepare for and prevent attacks, even from threat sources yet to emerge.

“Everyone knows the threats are real and the consequences are dire, so we can no longer blame lack of awareness for the attacks that succeed,” said Patrick Sweeney, executive director, Dell Security. “Hacks and attacks continue to occur, not because companies aren’t taking security measures, but because they aren’t taking the right ones.”

Retail industry experiences surge in point-of-sale (POS) malware and attacks

The retail industry was shaken to its core in 2014 after several major brands experienced highly publicized POS breaches, exposing millions of consumers to potential fraudulent purchases and risk for identity theft. Forrester Research notes, “The major breaches of 2013 and 2014 brought to the fore the lack of security surrounding point of sale (POS) systems, the risks involved with third parties and trusted business partners, and the new attack vectors opened through critical vulnerabilities such as Heartbleed.”

The report shows that these retailers were not the only targets, as Dell also saw a rise in POS attacks attempted among Dell SonicWALL customers.

  • The Dell SonicWALL Threat Research Team created 13 POS malware signatures in 2014, compared to three in 2013 for a 333 percent increase in the number of new POS malware countermeasures developed and deployed.
  • The majority of these POS hits targeted the U.S. retail industry.

In addition to the increased quantity of attacks, Dell threat researchers observed an evolution of POS malware tactics.

“Malware targeting point-of-sale systems is evolving drastically, and new trends like memory scraping and the use of encryption to avoid detection from firewalls are on the rise,” said Sweeney. “To guard against the rising tide of breaches, retailers should implement more stringent training and firewall policies, as well as re-examine their data policies with partners and suppliers.”

More companies exposed to attacks within “secure” HTTPS web protocol

For many years, financial institutions and other companies that deal with sensitive information have opted for the secure HTTPS protocol that encrypts information being shared, otherwise known as SSL/TLS encryption. More recently, sites such as Google, Facebook, and Twitter began adopting this practice in response to a growing demand for user privacy and security.

While this move to a more secure web protocol is a positive trend, hackers have identified ways to exploit HTTPS as a means to hide malicious code. Given that data (or in this case malware) transmitted over HTTPS is encrypted, traditional firewalls fail to detect it. Without a network security system that provides visibility into HTTPS traffic, organizations run the risk of letting malware from sites using HTTPS enter their systems and go undetected.

Dell’s research saw a rise in HTTPS traffic in 2014, which could lead to an increase in attacks leveraging encrypted web traffic in 2015:

  • Dell saw a 109 percent increase in the volume of HTTPS web connections from the start of 2014 to the start of 2015.
  • Encrypted malware attacks have already begun to target mainstream media sources. In December 2014, Forbes’ Thought of the Day interstitial page was hijacked by Chinese hackers to distribute malware over a three-day period.

“Managing threats against encrypted web traffic is complicated. Just as encryption can protect sensitive financial or personal information on the web, it unfortunately can also be used by hackers to protect malware,” said Sweeney. “One way organizations mitigate this risk is through SSL-based web browser restrictions, with exceptions for commonly used business applications to avoid slowing company productivity.”

Attacks double on supervisory control and data acquisition (SCADA) systems

Industrial operations leverage SCADA systems to control remote equipment and collect data on that equipment’s performance. Attacks against SCADA systems are on the rise, and tend to be political in nature as they target operational capabilities within power plants, factories, and refineries.

Dell SonicWALL saw an increase in SCADA attacks against its customer base this year.

  • 2014 saw a 2x increase in SCADA attacks compared to 2013.
  • The majority of these attacks targeted Finland, the United Kingdom, and the United States; one likely factor is that SCADA systems are more common in these regions and more likely to be connected to the Internet.
  • Buffer overflow vulnerabilities continue to be the primary point of attack.

“Since companies are only required to report data breaches that involve personal or payment information, SCADA attacks often go unreported,” said Sweeney. “This lack of information sharing combined with an aging industrial machinery infrastructure presents huge security challenges that will to continue to grow in the coming months and years.”

Additional predictions: two-factor authentication, mobile malware, and Bitcoin

Dell’s Threat Report also identified the following trends and predictions, which are discussed in further detail in the full report.

  • More organizations will enforce security policies that include two-factor authentication. Along with this development we will see an increase in attacks against these technologies.
  • Android will remain a hot target for malware writers. Dell expects new, more sophisticated techniques to thwart Android malware researchers and users by making the malware hard to identify and research.
    • The emergence of more malware for Android devices targeting specific apps, banks, and user demographics, along with more malware tailored for specific technologies, such as watches and televisions, is expected. 

  • As wearable technology becomes more widespread in the next year, expect to see the first wave of malware targeting these devices. 

  • Digital currencies including Bitcoin will continue to be targeted; Botnets will be involved in the digital currency mining attacks. 

  • Home routers and home network utilities, such as surveillance systems, will be targeted and perhaps used to assist large DDoS attacks. 

  • Electric vehicles and their operating systems will be targeted. 


About the Dell Security Annual Threat Report

The data for Dell’s report was gathered by the Dell Global Response Intelligence Defense (GRID) Network, which sources information from a number of devices and resources including:

  • More than 1 million security sensors in more than 200 countries;
  • Activity from honeypots in Dell’s threat centers;
  • Malware/IP reputation data from tens of thousands of firewalls and email security devices around the globe;
  • Shared threat intelligence from more than 50 industry collaboration groups and research organizations;
  • Intelligence from freelance security researchers; and
  • Spam alerts from millions of computer users protected by Dell SonicWALL email security solutions.

    Supporting Quote:

Brett Hanlon, director of IT Infrastructure, La Jolla Group

“Our defense-in-depth security program, which is powered by Dell SonicWALL solutions, provides the multi-level protection we need to safeguard our corporate network and 18 retail store locations. Not only does Dell SonicWALL help ensure the integrity and safety of personal and financial customer data, it enables us to be more proactive in mitigating the risk of emerging threats with intrusion prevention, malware blocking, content/URL filtering, and application control. Both Dell SonicWALL SuperMassive firewalls and TZ Series Unified Threat Management firewalls are critical assets in La Jolla Group’s overarching security strategy.”

Previous Article

WatchGuard Firebox M500 – The Cure for ...

Next Article

SafeSearch, YouTube for Schools, and Simplified Remote ...

0
Shares
  • 0
  • +
  • 0
  • 0
  • 0
  • 0

Related articles More from author

  • Dell SonicWALL Logo
    Software UpdatesSonicWALL

    Hotfix for SonicWALL GMS and Analyzer vulnerability is now available

    21/07/2016
    By admin
  • SonicWALL

    InfoSecurity Global Excellence Awards Recognizes Dell in 13 Categories!

    22/04/2015
    By admin
  • SonicWall Logo
    Software UpdatesSonicWALL

    SonicWall SonicOS 6.5, the biggest update in company history

    04/10/2017
    By admin
  • SonicWALL

    New 802.11ac SonicPoint Wireless Access Points

    05/01/2015
    By admin
  • SonicWALL

    Introducing Dell Secure Mobile Access 6200/7200 Appliances and SMA OS 11.2

    27/04/2015
    By admin
  • SonicWall SonicOS release
    Software UpdatesSonicWALL

    SonicWall announces two new SonicOS releases

    04/08/2017
    By admin

  • WatchGuard logo
    NewsWatchGuard

    WatchGuard Technologies to Acquire Panda Security, Extending Simplified Security from Network to Endpoint

  • BarracudaNews

    Barracuda launches Cloud Application Protection to secure web apps

  • Firebox_M470
    News

    WatchGuard Now Available: Firebox M370, M470, M570, and M670

  • Recent

  • Popular

  • Comments

  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Sophos Logo

    Sophos: Important Product Lifecycle Updates

    By admin
    03/03/2022
  • Shoring up your cybersecurity posture in light of ongoing crisis

    By admin
    01/03/2022
  • Dell SonicWALL Supermassive

    Ingram Micro gets distribution access to Dell’s security range in Australia

    By admin
    14/06/2016
  • Francisco Partners and Elliott Management to Acquire the Dell Software Group

    Dell Software Group sold to help fund looming EMC deal

    By admin
    21/06/2016
  • WatchGuard Firebox M500 – The Cure for HTTPS Performance Headaches

    By admin
    05/03/2015
  • Paul Sillars
    on
    21/06/2016

    Dell Software Group sold to help fund looming EMC deal

    I received this in ...
  • Paul Sillars
    on
    20/06/2016

    Ingram Micro gets distribution access to Dell’s security range in Australia

    This is going to ...

Timeline

  • 29/03/2022

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

  • 03/03/2022

    Sophos: Important Product Lifecycle Updates

  • 01/03/2022

    Shoring up your cybersecurity posture in light of ongoing crisis

  • 23/02/2022

    WatchGuard Support Alert

  • 03/02/2022

    Sophos: Important Product Lifecycle Reminder

Photostream

    FeedBurner Widget

    Sign up to receive email updates and to hear what's going on with our magazine!

    Firewall.News Logo

    This site serves more as a reference point for some of the major security vendor's updates and product/press releases

    It will never be a definitive list, but it helps our customers keep up to date and also allows us to express our comment and observations as well.

    About us

    • PO Box 451, North Lakes, Queensland, 4509, Australia
    • [email protected]
    • Recent

    • Popular

    • Comments

    • Sophos Logo

      Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

      By admin
      29/03/2022
    • Sophos Logo

      Sophos: Important Product Lifecycle Updates

      By admin
      03/03/2022
    • Shoring up your cybersecurity posture in light of ongoing crisis

      By admin
      01/03/2022
    • WatchGuard logo

      WatchGuard Support Alert

      By admin
      23/02/2022
    • Dell SonicWALL Supermassive

      Ingram Micro gets distribution access to Dell’s security range in Australia

      By admin
      14/06/2016
    • Francisco Partners and Elliott Management to Acquire the Dell Software Group

      Dell Software Group sold to help fund looming EMC deal

      By admin
      21/06/2016
    • WatchGuard Firebox M500 – The Cure for HTTPS Performance Headaches

      By admin
      05/03/2015
    • Sophos Logo

      Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

      By admin
      29/03/2022
    • Paul Sillars
      on
      21/06/2016

      Dell Software Group sold to help fund looming EMC deal

      I received this in ...
    • Paul Sillars
      on
      20/06/2016

      Ingram Micro gets distribution access to Dell’s security range in Australia

      This is going to ...

    Follow Me

    • Contact
    • About Us
    • Home