Latest News
Latest blogs and updates from SonicWall-Sales.com
Blocking pesky apps and multimedia sites using application control
One of the most common questions we get asked is how to use the controlled features within firewall software to block pop-ups and apps such as YouTube etc.
Using SonicWall firewall software, we’ll talk you through how to block a program, as well as use some of the advanced features within the operating system.
Blocking programs using SonicWall Firewall
Our step by step guide below is based on the SonicWall management system.
Firstly, you need to login to your firewall system and click on Manage displayed across the top of the bar.
Then look for Rules Advanced Application Control (in some operating systems this page can be found under Security Services.
On this page, you then need to choose and tick the box that states Enable App Control, and for these changes to be accepted, click the Accept button to enable this control feature.
Then within the App Control Advanced and category, choose Multimedia, and click Configure.
Finally, within the Edit App Category window, within the Log and Block criteria, choose to Enable for both of these.
Once complete, click, OK.
If there is a multimedia site or a specific app that you would like to block, for example, YouTube the steps to block individual apps are as follows:
Go into App Control Advanced and look for Advanced Application Control.
Within this section, you can then choose the app or multimedia site in question, i.e., YouTube.
You then need to click Configure.
Again, within the Edit App section, and under the Log and Block criteria, you need to choose the option Enable for the individual site you have selected to be blocked from your network.
To ensure all changes are saved, click OK.
SonicWall Application Control
The SonicWall firewall has several signatures covering a variety of multimedia sites and apps, providing you with the option of whether you would like these programs blocked or not.
It’s important to know how to block unwanted apps and programs on an individual level, but it is also worth noting the signatures included within SonicWALL’s App Control.
The list of most up to date signatures can be found HERE.
Local Area Networks and Application Control
In some instances, it may be applicable to enable application control if you are operating using a Local Area Network (LAN).
To do this, on the top bar, locate Manage, and scroll to Navigate to Network / Zones.
From here, you can simply click on the configure button located under the network zone that you wish to enable the App Control for.
Make sure that you tick the box labelled, Enable App Control Service (found at the bottom right of the pop-up page).
Click OK so all changes can be saved.
Does it work?
This is a good question, and if we’re honest, the only way to truly find out is to test it!
To test, we’d advise you to log in to a site or app that you have recently blocked, such as the YouTube example we mentioned above – and do this from a host behind the SonicWall.
When logging in, use either HTTP or HTTPS, so you get the message reading, `the connection was reset page`. A message will also be logged in the SonicWall, which states that the connection was reset and that ultimately the site you are trying to access is unavailable at the moment.
If you use the HTTPS route, YouTube will display on your screen; however, you won’t be able to see anything or play any videos or content, and a further error message will also be displayed on the screen.
Within your SonicWall firewall, these attempted logins will be recorded for you to see.
If you are using earlier versions of SonicWall
If you are using earlier versions of firmware and SonicOS 6.2, the steps below will allow you to block apps and sites similar to what we have mentioned above.
Firstly, you need to login to your SonicWall management and locate your firewall within the App Control Advanced tab (this page may also be named Security Services).
Make sure to tick the box named Enable App Control - click Accept for all changes to be saved.
Then, in App Control Advanced, View Style, choose within the category, Multimedia.
Click Configure and move to Edit App Category, wherein the Log and Block criteria, change these to Enable.
Finally, hit OK.
Blocking specific and individual apps and sites
Again, we’ll use the example of YouTube as the app to block. Within the App Control Advanced page, look for the View Style Application.
Here you will be able to select the individual site or app you are looking to block/restrict.
Once you have chosen the site, click configure and move to Edit App Control App, change the Log and Block criteria to Enable.
Again, make sure to click OK, so all changes are saved.
SonicWall Firewall settings are designed with users in mind, so you will find them to be straightforward and easy to manoeuvre.
If you want any further information on SonicWall, Firewalls, and how to ensure your networks are 100% protected, call us on
SonicWall launches new range of network switches
Packed with features, these stackable switches are available in a compact form factor with an energy-efficient design. Available in seven models, ranging from eight to 48, with gigabit and 10 gigabit Ethernet ports, the switches work seamlessly with SonicWall next-generation firewalls and SonicWave APs to create an end-to-end multi-gigabit secure network. The Ethernet ports provide PoE options to power on various devices such as APs, VOIP phones and IP cameras.
Learn more: https://www.sonicwall.com/resources/videos/sonicwa...
See here for a list of products.
Increased Connection Capacity on SMA 210 / SMA 410
SonicWall have released the SonicWall Secure Mobile Access firmware 10.0.0.5.
SonicWall SMA 10.0.0.5 is a maintenance release that increases maximum connection capacity and fixes issues found in previous releases. See the Enhancements and Resolved Issues sections for more information (Release Notes).
This release supports all the features and resolved issues from previous SMA 10.0 releases.
You must have an active support agreement on your SMA device in order to download and install updates. SMA appliances and subscriptions can be found here
We are still open for business.
Just a quick update to let everyone know that we are still working 'as normal' and processing orders. Any hardware orders are still being despatched within our standard times and generally still being delivered next working day. Software orders are emailed, and taking about 2 to 3 hours on average, but please allow 24 hours just in case.
Thanks.
VPN Remote Access Licenses
Due to the current Coronavirus (Covid-19) disease pandemic we are pre-generating many of the common licenses required for secure remote access so we can respond to orders quickly.
Different type of clients:
For firewall VPN remote access licenses we will endeavour to get your activation keys to you within the hour during business hours, but we are also periodically checking out-of-hours as well.
SonicWall VPN Clients: https://www.sonicwall.com/products/remote-access/vpn-clients/
The latest Sonicwall Secure Mobile Access and why you should upgrade
Remote working and flexible working are now a big part of the way we work, and businesses and their teams operate.
However, with this comes its own set of challenges.
For example, ensuring that everyone has fast and secure access to networks at any time from anywhere has become part of the norm. But it can also be challenging to provide, manage, and stay on top of.
For several years the Sonicwall Secure Remote Access solution was used for remote personnel located around the world. However, as times change, technology certainly moves at a pace with it.
In business today, we have more users, more applications, and more services than ever before. Ensuring that everyone’s needs and all system needs are taking care of, requires a high performing solution, with the remote access that is 100% secure.
Meet the latest in Sonicwall firewall security.
SMA, also known as Secure Mobile Access by Sonicwall, SMA offers a secure access gateway that is unified and enables businesses to provide access to applications and networks at any time from anywhere.
Offering clients more throughput, more memory, and more users.
It also has the features and capabilities to help businesses move to the cloud without hesitation or complication and welcome with open arms increased mobility and BYOD.
Reasons why people are upgrading to Sonicwall SMA
Smaller cost compared to a physical appliance
Going virtual can help to improve overall performance, offer increased flexibility and scalability, minimise upfront investment, reduce downtime, lower maintenance costs, and more!
Can operate faster
Having faster and more processing cores allows SMA to encrypt data in motion, with the results providing a higher and quicker performance experience for the user.
You can increase your throughput
We all want to deliver that seamless user experience, and by increasing your throughput, you can promote better productivity by providing faster access to network applications.
Serve more remote users
The SMA series offers much more scalability from a single appliance allowing you to manage a more significant number of users accessing the network remotely at the same time without it affecting speed or performance. (This can also be tracked with the firewalls.)
Supports increased bandwidth and data transfers
Organisations must be able to provide users with the necessary support to enable them to access bandwidth-intensive applications as well as carry out high-speed data transfers. With more high-speed ports on offer, the SMA provides the perfect solution.
Everything stays current
Patches must be kept current if they are to remain protected against up and coming as well as already established cyberthreats. All SMA firmware is packed with new features as well as advanced features for those requiring more.
Warranties are important
All IT functions need to ensure that the solution that is deployed is always fully supported, and it has a first-class warranty behind it.
Reduce administrative overheads
By centralising your management and reporting through automating routine tasks, businesses can make significant administrative savings. Freeing up valuable and much sought after time! With the Sonicwall Central Management Server (CMS), you will be provided with a single user administrative interface for all of your SMA appliance management and reporting.
Continue to ensure business continuity
Continue to meet your service level agreements by opting for the right appliances to support your business scalability. Solutions provided by Sonic firewall security series can include Global Traffic Optimiser (GTO) supporting intelligent load balancing and support in the area of failovers.
Store sensitive information and data securely
Providing you with onboard memory, the SMA 6200 and 7200 allows for local storage modules, i.e., logs, file transfer inspections, reports, restores, firmware backup, and much more.
Manage user licences better
For companies that operate on a global level, central user licensing through CMS can help to manage the fluctuating demand from users managed SMA appliances, based on their usage.
Sonicwall NSA Firewalls
Sonicwall SMA can fit seamlessly into any existing IT infrastructures, offering users advanced security, secure access to networks, and cloud resources, as well as providing a more centralised approach when providing remote and mobile access.
For further information on the Sonicwall firewall series, contact 0333 2405667 or email enquiries@sonicwall-sales.com, we’d be happy to help!
Read the next article: Blocking pesky apps and multimedia sites using application control
Wireless Security Network KRACKS
Recent flaws in the design of WPA2 found by Belgian security researchers have publicly shown that more and more cybercrime regarding wireless networks is inevitable.
Known as KRACKS, these attacks (also known as key reinstallation) are a profoundly sophisticated attack. Used by cybercriminals to steal private and confidential data from unsuspecting users as they operate through a wireless network, using the flaws found in a WiFi standard to their advantage.
The team of researchers based their findings on CERT, issuing several CVEs to help support and address the flaws identified, as well as acknowledging those who have been most affected have released patches as of this writing.
For further updates and details of the precise vulnerabilities, you can view the research online www.krackattacks.com
Sonicwall Wireless Security
Sonicwall take all new security alerts and cyber threats seriously. The Capture Labs by Sonicwall, in particular, have looked at the vulnerabilities identified within this latest research announcement finding that the SonicWave and SonicPoint wireless access points are not vulnerable.
This is also true for the TZ and SOHO Wireless firewalls.
For all Sonicwall customers, this means that no updates or patches are required for both the integrated wireless and Sonicwall wireless access points.
Ways to protect your wireless network further
To help minimise the risk spouted by this latest cyber threat, we do advise (whether you’re using a Sonicwall global VPN client or not) to follow some of the actions outlined below:
- Ensure all your Wi-Fi clients are patched. Whether this is Android, iOS, Windows, Mac OS, or Linux, make sure you patch them with the latest KRACK updates. (The actual threat does not come from the wireless router but rather from compromising the wireless device, which is important to understand when carrying out patches.)
- If you aren’t a Sonicwall VPN customer, you will need to speak with your client-vendor to find out if a patch on your access points and routers is necessary. In an ideal situation, your Wi-Fi solution would be managed centrally to enable you to place patches more efficiently without taking up too much of your IT team's time. Note: For Sonicwall wireless customers, no updates or patches are required to the routers or access points.
- Look to enhance your security options, adding in additional layers through VPN technology. Encrypting all traffic between wireless devices and firewalls you have in place can protect you two-fold. For Sonicwall customers, we also recommend:
- On mobile devices for SSL encryption, opt for the Mobile Connect from Sonicwall
- Look for the Sonicwall Global VPN client for all IPsec encryption
- Provide updates and policies to users on best practices when sending sensitive data. Ideally, only using encrypted web pages.
- For a specific third radio which is ideal for scanning, the SonicWave series can offer it all. This intrusion detection element allows users to block traffic from unknown routers and access points, ensuring the scanning is continuous and monitoring for all types of threats in real-time.
- For a cybercriminal to commit to an attack, they must be within your Wi-Fi reach, so always lookout for any suspicious activity.
- There is also no requirement to begin changing Wi-Fi passwords and resetting these. This is because KRACKS do not need Wi-Fi passwords for them to be successful.
Sonicwall wireless security is designed to provide users with complete peace of mind. To ensure that your IT systems continue to provide you with continued high-speed access which is secure whether you’re using a wired or wireless network.
Helping you to stop more attacks affecting your networks, Sonicwall’s wireless network security solution helps to provide you with leverage when it comes to identifying and preventing cyber-attacks.
Providing Capture sandbox through a multi-engine, deep packet inspection (including cloud-based applications), as well as a centrally managed SonicWave 802.11ac Wave 2 wireless access points - Sonicwall has a solution to cover it all.
To find out more about the security solutions available to you, call us on 0333 2405667 or email enquiries@sonicwall-sales.com
SonicWall Exposes New Cyberattack Data, Threat Actor Behaviors in Latest Report
For cybercriminals and threat actors, the digital frontier is a lawless panorama of targets and opportunity. Despite the best intentions of government agencies, law enforcement and oversight groups, the modern cyber threat landscape is more agile and evasive than ever before.
For this reason, SonicWall Capture Labs threat researchers work tirelessly to arm organizations, enterprises, governments and businesses with actionable threat intelligence to stay ahead in the global cyber arms race.
And part of that dedication starts with the 2020 SonicWall Cyber Threat Report, which provides critical threat intelligence to help you better understand how cybercriminals think — and be fully prepared for what they’ll do next.
Global Malware Dips, But More Targeted
For the last five years, cybercriminals overwhelmed organizations with sheer volume. But as cyber defenses evolved, more volume was not resulting in higher paydays. A change was in order.
In 2018, cybercriminals began to leverage more evasive and pointed attacks against “softer†targets. In 2019, global malware volume dipped, but attacks were more targeted with higher degrees of success, particularly against the healthcare industry, and state, provincial and local governments.
All told, SonicWall Capture Labs threat researchers recorded 9.9 billion malware attacks* in 2019 — a slight 6% year-over-year decrease.
Ransomware targets state, provincial and local governments
‘Spray and pray’ is over. Cybercriminals are using ransomware to surgically target victims that are more likely to pay given the sensitive data they possess or funds at their disposal (or both). Now it’s all about ‘big-game hunting.’
The report outlines the most egregious ransomware attacks of 2019, while also painting a picture of the evolution of ransomware families and signatures, including Cerber, GandCrab, HiddenTear and more.
Fileless malware spikes in Q3
Fileless malware is a type of malicious software that exists exclusively as a memory-based artifact (i.e., RAM). It does not write any part of its activity to the computer’s hard drive, making it very resistant to existing computer forensic strategies.
The use of fileless malware ebbed and flowed in 2019. But exclusive SonicWall data shows a massive mid-year spike for this savvy technique.
Encrypted threats growing consistently
Another year, another jump in the use of encrypted threats. Until more organizations proactively and responsibly inspect TLS/SSL traffic, this attack vector will only expand.
IoT malware volume rising
From hacked doorbell cameras to rogue nanny cams, 2019 was an alarming year for the security and privacy of IoT devices. Trending data suggests more IoT-based attacks are on the horizon.
Cryptojacking crumbles
In early 2019, the price of bitcoin and complementary cryptocurrencies created an untenable situation between Coinhive-based cryptojacking malware and the legitimate Coinhive mining service. The shuttering of the latter led to the virtual disappearance of one the year’s hottest malware.
What Is Service Co-Termination?
Service Co-termination allows you to adjust the expiration dates of all Service Contracts to expire on the same date. Service Co-termination is provided as a free service to SonicWall customers who have active service contracts. Expired services must be renewed before they can be included.
Services covered in Co-termination
- Comprehensive Gateway Security Suite (CGSS) - CGSS will be shown as the individual services that make up the suite
- Gateway Anti-Virus & Intrusion Prevention Service
- Content Filtering Service - Premium
- Content Filtering Service - Standard
- Dynamic 24x7 Support (all products)
- Dynamic 8x5 Support (all products)
- Capture Client
Services Covered under Zero Pound/Dollar Co-term
- Dynamic 8x5 Support (all products)
- Dynamic 24x7 Support (all products)
- Gateway AV
- IPS
- Content Filtering Service - Premium
- Content Filtering Service - Standard
- Comprehensive Gateway Security Suite (CGSS) will be shown as the individual services that make up the suite
Services not currently covered
- Comprehensive GMS
- GMS SW Support
- CASS
- Email Security
- CDP Site-to-Site
- CDP Off-Site
- Antispam Desktop
- Software & Firmware-only" updates
Services not applicable to Co-termination
- Aventail Support for Advanced Reporting
- ViewPoint
How Service Co-termination is calculated
The value of the selected services in the MySonicWall account is calculated and averaged between the chosen items so that all services expire on the same date.
MySonicWallCo-termination calculates a common expiration date for the selected services in the following way:
- The number of days remaining until expiration is determined for each service (DR).
- The cost per day is calculated for each service (CPD). This is determined by dividing the price of the service by its duration).
- The Days Remaining times the Cost Per Day yields the Remaining Cost of the service (RC).
- The sum of remaining cost of the services divided by the sum of the costs per day yield the Days Variance (DR).
- The Coterm Date is Today’s date + Days Variance.
Coterm Date = Today + DV
DV = Days Variance ( (Sum of RC for all services) / (Sum of CPD for all services) )
Coterm Date = Today’s date + Days Variance
Cost-per-day is the amount a specific service on a specific devices costs for a single day. In terms of co-termination, the cost-per-day for a given service is directly related to the MSRP of the service divided by the number of days in the duration (1 year = 365 days, 2 years = 730 days, 3 years = 1095 days).
EXAMPLE:
- On the NSA E7500, Dynamic Support services for 1 year cost $4,859. The cost-per-day for Support on the NSA E7500 is:$4,859 / 365 = $13.31
- In comparison, the TZ 150 Unlimited’s Dynamic Support services for 1 year cost $89. The cost-per-day for Support on the TZ 150 Unlimited is: $89 / 365 = $0.24
How Co-termination is performed
- Select the devices and services you wish to modify and click the appropriate checkboxes.
- Click Co-Term Services when you have selected the services to be co-terminated. At least two services must be selected.
- Products can be grouped or filtered by Product, Service Name, Expiration Date, or days until service expiration, allowing you to narrow the choices to the most relevant products.
- After Co-termination dates have been calculated, they appear in the Co-term Date column.
- If you agree to this date, select the checkbox and click Complete. Otherwise, click the Back button to revise the co-termination order.
Co-termination Frequently Asked Questions (FAQ)
What Is Co-termination?
- Co-termination is the process of consolidating many service contracts to produce a common expiration date.
Do I need to buy anything?
- No purchase is needed. SonicWall offers the Co-termination feature free of charge to customers with active service contracts.
How does it work?
- MySonicWall will survey services chosen by the user, calculate the dollar value of the time remaining for those services, then spread that value across the devices so the services all end on the same date.
Can I co-term services on multiple devices?
- Yes. You can co-terminate services on a single device or all the devices in your MySonicWall account.
My company has multiple accounts with SonicWall. Can I co-terminate services for devices in all of them?
- You can run the Co-termination feature only for devices registered to your MySonicWall account. If your company has multiple accounts, you can transfer devices to a single account, then run the Co-termination feature.
How can I coterminate services for only a few select devices?
- Yes. The Co-termination feature will let you easily filter and group your devices. You can explicitly choose which services you would like to co-terminate.
Some of my services have expired, why can’t I select them for Co-termination?
- The Co-termination feature is available only to active services. If a service has expired, you will need to purchase a license and activate it through MySonicWall before it can be co-termed.
A Virtual Firewall that Protects Multi-Cloud Environments
Creating and developing a mix of private, public, and hybrid cloud computing environments is all part of the norm in today’s modern data centres, especially with the increase in virtualisation technology and advancements across all data and network infrastructures.
With research predicting that over 90% of organisations will be running a cloud-based infrastructure by 2024, is your business network security ready for the move to the cloud?
Businesses must be able to expand into this highly dynamic public or private cloud environments, embracing the new technology with open arms or else face the risk of control challenges as well as the risk of online and virtual blind spots!
This is where virtual firewalls are vast, becoming an essential component of a business’s security platform.
Operating together in a way that is easily managed on a day to day basis.
With news and reports hitting the headlines regarding more and more company data breaches, trust us when we say, whether you store your data in a data centre or a hybrid, private or public cloud, ultimately, it is this data that is your hackers goal, and often, they will stop at nothing to get it.
However, securing your cloud platform brings with it a set of challenges within itself.
These challenges can include unpredictable security functionality, a lack of network traffic visibility, and the difficulty in keeping up with the speed of change that cloud environments often bring with them.
To stay ahead of the game and on top of security threats, businesses must look towards cloud security systems that:
- Uses identity to identify and control network traffic, not protocols and ports
- Prevents malware from accessing your systems and moving to different locations in the cloud
- Helps to identify who can use the applications, as well as provide a system of control where access can be granted based on credentials and need
- Gets businesses set up and running in an instant. Streamlining deployment, so you no longer have to configure separate firewalls, saving you time and providing you with a predefined configuration.
- Replaces those outdated and expensive technologies such as WAN connections with cost-effective alternatives. For example, upgrading to the SD-WAN from the MPLS.
- Makes administration much more straightforward. Minimising security policy delays as more and more virtual machines are removed, added, or indeed moved about within your cloud environment.
Sonicwall NSv Virtual Firewall – a firewall you can rely on
The launch of the new SonicOS 6.5.4 firmware, has caused a stir in the cybersecurity market, and for all the right reasons!
With its hardware firewall platform, the new virtual Sonicwall firewall offers numerous benefits to organisations.
Supporting secure Zero-Touch Deployment, SD-WAN, Restful API, DNS Security, and much more – the Sonicwall firewall series has been designed to solve all of the issues identified above and more.
The NSv firewall also supports your security teams by reducing the security risks to your organisation regardless of type and vulnerability, avoiding severe disruption to your business’s everyday operations and critical services to customers.
Additional features include a whole host of security tools and services, including RFDPI (reassembly-free deep packet inspection), security networking services and controls all similar to what a Sonicwall physical firewall can provide.
Ultimately the NSv can effectively shield all of the critical elements contained in your public and private cloud environments.
What’s more, NSv is easily positioned between virtual networks in a multi-user virtual environment.
This means you’re now able to capture all data exchanges and communications between virtual networks aiding you in automated breach prevention, as well as enhancing data confidentiality, providing stringent access control measures, and VM integrity and safety.
This comprehensive security suite also helps to eradicate cross-virtual-machine, network-based intrusions, side-channel attacks, application and protocol vulnerabilities, and more.
Subjecting all traffic through several threat analysis protocols that include anti-spyware and gateway anti-virus, intrusion prevention, anti-virus protection for cloud applications, application control, botnet filtering, and multi-engine sandbox Capture Advanced Threat Protection.
If you’re looking for a security platform to work hand in hand with your cloud-based applications, look no further than Sonicwall.
For further information on how to protect multi-cloud environments further with Sonicwall firewall, visit our website at www.sonicwall-sales.com or email us on info@sonicwall-sales.com
Read next blog: The latest Sonicwall Secure Mobile Access and why you should upgrade
The Ultimate Guide on How to protect your PC from computer invaders
The Ultimate Guide on How to protect your PC from computer invaders
he internet and being online is one of, if not THE, ultimate resources for everyone in today's modern and dare we say it, digital world.
We use it for everything! To communicate with others, to carry out research, to work, to shop, to play etc. - when it comes to the internet the list could go on and on.
It's convenient; it's there at the tip of our fingers, and now with wi-fi hotspots, we’re never really without a connection!
However, we’re also now much more vulnerable to identity theft as well as invasion of privacy.
We leave digital footprints everywhere and putting your data in the wrong place, or the wrong hands can prove extremely costly, to you.
This guide highlights the cyber crimes you need to be aware of, the common challenges that we find ourselves facing daily, and how we can overcome these challenges by making some simple adjustments to how we view and use the internet and its different platforms.
Table of Contents
1. You are not safe online!
Computer invaders don't go away; they just change focus and adapt their attacks to target and break even the most powerful firewalls and antivirus!
1a) Common threats
Some of the most dominant and well-known cyber threats currently out there include:
Ransomware and Malware both used as a tool to carry our targeted threats, infecting computer systems as they go, and costing customers highly.
Data breaches are still one of the most important threats of today. Stealing personal information or company-wide information can lead to identity theft and fraud.
With business data most commonly found to be used for blackmail purposes or indeed to sell on for money.
Distributed Denial of Service attacks (DDoS) - these attacks are driven not only by financial gain, but also by political, ideological, or just bad opinion.
Payment card fraud - be aware of fake companies that show up at the point of sales online to abuse certain transactions, taking advantage of your personal information.
Crypto jacking – linked with cryptocurrency, crypto jacking attacks aim to exploit a computer user's bandwidth and processing power to mine for cryptocurrency. Such attacks can cripple a victim's system by manipulating their processing power.
Phishing emails – the most common form of threats and attacks due to their realism. Phishing emails set out to obtain personal data, hijack accounts, steal identities, carry out malicious activity from your PC and more!
SPAM – spam is often used to gain access to very targeted networks.
1b) Their effects on a PC
The effects all of these threats have on your PC or computer network can be fatal, fatal for the computer.
Depending on the security you have in place, as well as the type of virus/malware, and the expertise of your IT team, it will all depend on whether the hack and virus can be completely removed before any further damage is done.
Making operating systems run much slower than they should or stop working completely is just one effect these types of attacks can have on a computer.
That and all your files can be encrypted and used to access sensitive or personal information, or worse, your computer can be used to do bad things without you even knowing it's going on.
Your computer might also crash regularly, continuously show pop-up error messages, and create problems when trying to connect to secure networks.
This last point is very important for remote employees, because using their personal computers at home, which may be hacked or infected in some way, to log in to their office's private server, can open up more doors for intruders to gain access to!
1c) Staying safe
There are several ways to increase your security online. These include:
Reviewing your online activities – what sites are you shopping on? What content are you posting, and where are you posting this? How safe are the sites you are visiting?
Install the latest antivirus software and firewalls. With free and paid for protection now available, there is no excuse not to protect your PC. (SonicWall online is a great place to help you get started).
Make sure to use a personal private network. This will not only help your antivirus software to further protect your online privacy, but it will also help to hide IP addresses, protect passwords, and keep you anonymous online.
Be aware of the information you share on social media. Especially Facebook, whose business model is designed on using your personal information for advertising and marketing purposes.
Only use secure shopping sites
Use strong passwords (you will read this point a lot throughout this guide)
Delete or clear your tracking cookies. Deleting your online activity means it's harder to follow you and collect personal information about you.
2. Attack of the invaders
With global cybercrime damages predicted to reach $6 billion in costs (annually) by 2021, the online threat is not only real, but it is also continually evolving.
2a) Cybercrime at its worst - stats, history, and challenges to overcome
The second most investigated crime accounting for 50% of crimes in the UK is Cybercrime.
Hackers are invading PCs on average every 39 seconds!
The number of ransomware families has increased from 30 in 2015 to 98 in 2016, with the demand also increasing from $294 in 2015 to £1,077 in 2016.
Records lost to hacking in 2017 stood at an average of 780,000 per day.
2015/16 saw identity takeover become the fastest growing type of fraud in Australia and New Zealand.
In the past year, nearly 200 million people across 21 different countries experienced some form of cybercrime!
The cost of online crime and activity is real:
- The cost of data breaches annually now stands at a staggering $2.1 trillion.
- In 2017, the total revenue coaxed out of people and businesses from cybercriminals worldwide stood at $1.5 trillion!
- $3.8 million, is the cost of data breaches to businesses (on average).
- $600 billion the global cost of cybercrime in 2017.
Challenges come in many shapes and sizes
Take, for example, the recent hacking of Facebook user accounts. Affecting nearly 50 million users worldwide, over 14 million people had their location and search history exposed for all to see!
On this occasion users of the site did nothing wrong and nor was there anything they could do to stop or pre-empt this from happening (besides not having a Facebook account at all), because the hackers took advantage of a Facebook privacy feature, which allowed them to access users' accounts without them knowing.
Now, as one of the largest data breaches in Facebook's history, the company's engineers are working to fix the problem and have advised another 40 million users to log out of their accounts as a precaution. Logging out and logging back in, allowed Facebook to reset users access tokens, protecting their accounts.
Further investigations are still ongoing to the extent of how these bugs can be rectified.
This type of breach is not uncommon as we look further into cybercrime and in particular. WikiLeaks, who released over 8,000 CIA documents (of course classified) in 2017. A team of hackers also released sensitive emails from French presidential candidate Emmanuel Macron in the same year.
Mobile platforms are the fastest growing target areas for hackers, with 80% of mobile fraud carried out through mobile apps and 60% of online fraud carried out through mobile platforms.
These attacks are not only real, but they're big!
3. Keep your computer safe
With online threats at an all-time high, we've compiled a list of top tips to protect you and your computer from computer invaders.
Without needing to install a thing:
- Avoid sites which you don't trust or don't look 100% genuine.
- Don't open emails from unknown/not trusted senders
- Don't open attachments from just anyone!
- Take your passwords more seriously! With more than 60% of people using the same password across multiple sites, make sure you use longer passwords. Use a combination of lower and upper case, numbers, and characters. Avoid obvious ones such as children's birthdays!
- Check your security settings in your browser. Reviewing and setting these at the level that you need and want, you can block pop-ups and irrelevant ads, you can tell websites not to track your location and movements.
- Network security – disabling autorun on Windows, for example, can stop up to 50% of malware threats!
- Wi-Fi security at home – make sure to change your router's default settings by enabling a non-default password and network name.
- Wi-Fi security, public disable sharing and make sure to use a virtual private network (VPN) to secure your data and hide your IP address.
The need for software installation:
- Install the right firewalls and antivirus software depending on your needs and configuration settings required. Also, make sure to keep your firewall turned on!
- Keep your Windows operating system up to date, checking for the latest security updates and patches. Make sure you turn on the automatic update feature.
- Install antivirus and anti-spyware software. Providing real-time protection, helping to identify and block any unwanted mail and threats.
- Look to invest in cloud software or external hard drives, backup your folders regularly, and make sure you have a backup plan if the worst were to happen.
4. Firewalls
Most firewalls, over the years, have been developed in response to a security threat received. Action was then taken to develop and produce more advanced firewall technology to stop the threat from happening again.
4a) How they work
When we think of firewalls, we need to think of them as invisible walls, in both directions, that monitor everything that passes through them. If a threat is found, the wall will not allow it to pass through.
A firewall will ultimately stop hackers from accessing your computer via Wi-Fi connections and the internet and can help in two ways:
- It can allow traffic to pass through, except for data that meets a predetermined set of criteria.
- It can stop all traffic unless it meets a predetermined set of criteria.
Firewalls are a piece of security software that keeps track of the traffic to and from your computer. They are the first line of defence to protect your data and any important information.
4b) Why do you need them?
It is this misuse of confidential information and stealing of personal data which is why we need firewalls.
For example, hackers use Trojan viruses and key logging software to access computers and data. Things like passwords, bank details can all be taken and used without you realising for days (if not longer), racking up huge bills in your name as they go.
They can also use your computer against you, taking complete control without you knowing, and using it to run illegal activities online, or it's affecting the system in any way.
Firewalls and upgraded firewalls like SonicWall firewalls help to stop this from happening, placing a barrier between you and the hackers.
4c) Best Practice
Firewall best practice when it comes to business is to install complex firewall software to protect the most extensive networks, so that such security measures can be managed by a team.
Helping to:
- Prevent staff from sending certain types of emails or transmitting sensitive information.
- Stop employees accessing certain sites
- Prevent outside computers accessing computers inside the network
- Provide a variety of configurations
When it comes to firewalls for personal use, we recommend keeping it simple. The primary goal is to protect your computer and private network from malicious activity.
5. Antivirus software
Anti-virus software, in its purest form, protects against different types of malware, protecting your PC and your personal information.
5a) How they work
Good antivirus software helps to block everyday threats by finding them before they reach your computer, and before they reach you directly, pulling them away, and locking them in a safe place.
Anti-virus software is similar to anti-spy software in that it provides real-time protection (if you make sure to keep it updated regularly). Scanning all incoming information and blocking any unwanted information or threats which it detects.
5b) Why do you need them?
Malware and malicious software attacking our PCs are one of the biggest online threats.A virus of any kind can be spread over the internet and through email, quickly causing damage to your computer and files.
Malware in this sense also includes Trojan Horse programmes and spyware; all used to acquire your personal information for identity theft and fraud.
The right antivirus software will help to prevent spyware and malware from getting onto your computer and invading your privacy, but it is important to set up and use a secure password. Using long passwords including a combination of numbers, special characters, and upper- and lower-case letters is most recommended.
5c) Differences between firewalls and antivirus software
Both developed to offer you and your PC increased security, the key differences between antivirus software and firewalls are:
- Anti-virus can only be implemented in software, whereas a firewall can be both hardware and software.
- Anti-virus performs continuous scans on the PC in question, detecting, identifying and removing any threats found, whereas firewalls monitor and filter incoming and outgoing information.
- Anti-virus software can deal with external and internal attacks, while firewalls can only deal with external.
- You can apply set rules to firewalls for monitoring and securing PCs and networks; this is not possible with an antiantivirus that will run regular checks to see if programs or files are dangerous.
- A firewall can prevent untrusted and unauthorised applications from gaining access to your computer, but it does not do anything about it. Antivirus programs do this for you.
6. Email Security Software
When it comes to protecting your PC and computer systems, you need to make sure to invest in the right security software for you and your PC. However, you also need to bear in mind the need to defend yourself against all known and emerging viruses and hacks.
6a) Integrated email security software
Attacks are getting more and more advanced and varied, and for this reason, integrated email security software should be chosen instead of managing a number of different software systems.
Making life easier An integrated platform means you can manage, control and contain everything through one application. You can monitor all incoming and outgoing activity quickly and efficiently, and you can have a bird's eye view of the security of your PC.
Managing multiple applications is not only a minefield, but because they are all designed to do different things and not talk to each other, security processes can become slow and complicated.
When considering an integrated email security package, look for one that can protect against malware as well as spam, phishing, potential data leaks and more!
The SonicWall email security and sensitive data detection solution can help. Deployed as a software or virtual appliance, this security system gives you complete peace of mind that your computer and operating system are protected.
7. Advanced internet protection technique
In this final chapter, we want to let you in on some of our tips and unique techniques over the years to increase the security of your computer.
Tips that we've never shared before.
7a) Keep things up to date!
Now before you think, you've heard all of this before, and there is nothing left to say on the matter, give us a second!
Yes, when we say keep things updated, we're talking about things such as updating and keeping the latest version of Microsoft - and yes, we know not everyone likes it, but it will help to add another layer of security to your PC.
But, what we also mean is that it's also important to keep the more uncommon elements like your routers and Java up to date too.
Java is something that most of us don't really know to update in the first instance, let alone do this regularly, so it's important to know more about it.
In your start menu, search for Java, clicking and bringing up the Java Control Panel. Any updates and new updates will then be available by the click of a button in the bottom right-hand corner of the panel.
Within this section, we'd also recommend clicking on the security tab at the top and disabling, the Enable Java box.
Why?
Because this is notorious for vulnerabilities and opens up more opportunities and threats than adding additional security.
When it comes to routers, keep these up to date by changing passwords asap, and follow this up with disabling WPS, or Wi-Fi Protected Setup.
Why?
Because if we're 100%, honest WPS is really shaky on the security front!
7b) Change your controls
Most computers and PCs will automatically be set up with you as the administrator with admin privileges and the ability to access everything without question.
Herein lies the problem.
In your control panel, make sure to switch your privileges from admin to standard.
Why?
Because if a virus or piece of malware does accidentally find its way onto your PC, being set up as admin will give the invader the same privileges that you have, and you don't want that to happen.
7c) Keep some things to yourself!
In an era where 2.77 billion people around the world use social media, (an estimated 2.77 billion people around the world use social media), we tend to give too much away about ourselves, our family, and our lives in general.
Stop.
Let's keep some things under wraps, as not placing yourself in a vulnerable position will only strengthen your security position when online fraud and identity theft occur.
7d) Quick-fire tips
Make sure your antivirus software offers real-time protection.
Be aware that even the most trusted websites can be compromised.
Back up everything. Using both local and online backup systems. and
Sign out of things before closing everything down!
Conclusion
Computer invaders are not going away, but being armed with the right tools and information can keep you and your PC protected.
If you enjoyed reading this guide, please feel free to share and comment below with any questions or insight you might have when it comes to computer invaders; we'd love to hear from you.
Spear-Phishing Attacks Targeting Office 365 Users, SaaS Applications
Over the course of the last 15 years, cyber threats have gone from urban myths and corporate ghost stories to as mainstream as carjackings and burglaries. There isn’t a business owner of a small restaurant chain or a CEO of a Fortune 500 company who doesn’t think about the fallout of being breached.
I’m not here to tell you how the threats are getting more sophisticated, or how state-sponsored hacker groups are getting more and more funding; you already know that. But what I do want to share with you is something that I’m seeing daily. Targeted threats that you may have already witnessed and, unfortunately, been personally a victim of or know someone who has: Spear-phishing.
Are you an Office 365 user? Do you have customers who are Office 365 users? Are you a managed security service provider (MSSP) that administrators Office 365 for your clients? You probably need a solution that applies effective Office 365 security capabilities and controls.
With close to 200 million global users, Office 365 is a target — a big target. And spear-phishing attempts are good. Really good. Recently, Forbes ran a summary of the threat. Alarmingly, today’s most advanced spear-phishing attempts look like they come from your CFO, boss or trusted vendor. They provide credibility to the target and, many times, users take the bait. Money gets wired. Access to accounts are provided. Confidential information is exposed.
Traditional email security isn’t enough protection. Out-of-the-box, cloud-native security services aren’t enough protection. A lean, effective and modern Office 365 security or SaaS security solution is required.
How to stop spear-phishing attacks, advanced cyber threats
SonicWall Cloud App Security (CAS) combines advanced security for Office 365, G Suite and other top SaaS applications to protect users and data within cloud applications, including email, messaging, file sharing and file storage. This approach delivers advanced threat protection against targeted email threats like phishing attacks, business email compromise, zero-day threats, data loss and account takeovers.
CAS also seamlessly integrates with sanctioned SaaS applications using native APIs. This helps organizations deploy email security and CASB functionalities that are critical to protecting the SaaS landscape and ensure consistent policies across cloud applications being used.
Explore the five key reasons CAS may be able to protect your organization from spear-phishing and other advanced attacks.
- CAS delivers next-gen security for Office 365, protecting email, data and user credentials from advanced threats (including advanced phishing) while ensuring compliance in the cloud
- Monitor SaaS accounts for IOCs, such data leakage, account takeover, business email compromise (BEC) and fraud attempts
- Block malware propagation in malicious email attachments and files, whether they are at-rest or traversing a SaaS environment, internally or cloud-to-cloud
- Prevent data breaches using machine learning and/or AI-based user profiling and behavior analytics for incident detections and automated responses
- Leverage Shadow IT to monitor cloud usage in real time, and set policies to block unsanctioned applications
In my over 10 years of observing various attacks and sitting in rooms with customers (not mine, fortunately) who have been breached, I can tell you that you don’t want it ever to be you or your customers. This threat is having more success than any I’ve seen — and they are very recent.
For more information explore the CAS solution in detail.