Notice

This link will direct you to a website outside of pacxa.com. The external site will open in a new tab.

skip to main content
Pacxa logo
skip to content

2022 SonicWall Cyber Threat Report: The industry takes stock of cyber attacks

By Pacxa

Cybersecurity is front of mind for enterprises right now, with everyone on high alert trying to manage potential threats that carry major reputational and financial risks. Each year, the SonicWall Cyber Threat Report uncovers insights extracted from global cyber threat data collected and analyzed by expert researchers. As “the world’s most quoted ransomware threat intelligence,” the report is relied on as an annual snapshot of the threat landscape, helping business and government leaders make informed decisions about cybersecurity.

Below, we share some of this fascinating and relevant data, with our perspective on what it all means for Hawaiʻi businesses.

Hawaiʻi’s malware risks climb

It may surprise people to know that Hawaiʻi was ranked as the 4th riskiest state for malware just behind Kansas, South Dakota, and Iowa. Our 14 million malware hits look relatively trivial compared to states in the 50, 60, and nearly 90 millions, but looking at our 19% “spread,” which accounts for size, population, and other variables, you can see that Hawaiʻi is an extremely high-risk state for malware. As explained in the report, “If we think of malware volume as being similar to the total amount of rainfall in a given region, then malware spread percentage could be compared to the probability of precipitation, or ‘chance of rain,” meaning that any given Hawaiʻi organization has a 19% of being a malware victim. While the report doesn’t pinpoint underlying causes of these malware vulnerabilities, delayed technology adoption and legacy infrastructure in our state may be potential risk factors.

This startling finding may allude to our state’s collectively under-developed cybersecurity posture. Cybersecurity has been top of mind for organizations nationally and globally, but Hawaiʻi has been slow to adopt advanced practices and solutions, leaving our organizations vulnerable to increasingly resourceful cyber attackers. Armed with these hard facts, Hawaiʻi leaders should recognize the looming risk of malware and make cybersecurity a priority.

Record-breaking ransomware

SonicWall recorded 623.3 million global ransomware attacks in 2021, up 105% from 2020 and 231.7% from 2019. The 2021 statistic translates to nearly 20 ransomware attempts every second.

Two of the year’s most infamous attacks hit in May of 2021, involving the U.S.’s largest fuel pipeline, Colonial Pipeline, and the world’s largest meat producer, JBS Foods. Attackers stole nearly 100 GB of data from Colonial Pipeline, triggering a six-day outage and consequent fuel shortages and public panic. In the JBS Foods attack, the company was forced to disrupt operations in the U.S., Canada, and Australia before paying out $11 million in ransom.

The Colonial Pipeline attack originated from a single compromised password, and the JBS attack stemmed from a weak password on an old administrator account. The most painful part of these devastating attacks is that experts suggest they could’ve been prevented with simple password hygiene and multi-factor authentication.

Ransomware strategies persist and evolve

The report notes that business email compromise attacks or “BECs” persist as an increasingly common and effective form of attack. This is when an attacker “impersonates” an executive by mimicking their email address and then emails requests to junior staff, such as wiring money or purchasing gift cards. These attacks are not sophisticated, but they are highly lucrative. The FBI reported losses of roughly $1.8 billion in 2020. Keeping in mind that most of these individual losses, likely happening at small companies for $50 or $100 a pop, go unreported, this number is staggering and is expected to only rise in 2022.

SonicWall’s researchers also identified a new ransomware strategy that they refer to as “triple extortion, an evolution of the “double extortion” attack. Triple extortion occurs when attackers compromise data and threaten to release it, while also sifting through the data, figuring out which entities are most vulnerable, and demanding ransom from them individually, in addition to the original target company.

Hawaiʻi: Pacxa and SonicWall

The perception that Hawaiʻi is safely insulated from cybercrime given our remote geography is, unfortunately, untrue. Of course, Hawaiʻi businesses are also national and global businesses. Cybercrime impacts local businesses daily and poses catastrophic threats to our economy. Cyberattacks are only becoming more common and more advanced. Hawaiʻi organizations must proactively protect themselves with the latest technologies and best practices.

As a SecureFirst Silver Partner, Pacxa holds in-depth expertise in SonicWall’s various cybersecurity products and solutions. Find more information here about steps your company can take to be as proactive as possible.

Read the full 2022 Cyber Threat Report here.

Why Cybersecurity Matters for Distributed Enterprises

By Amanda LaCasse, Vice President, Cyber Security Services and Managed Services Delivery

As enterprises grow, so do their location counts. This results in a distributed enterprise, where a single organization is made up of several locations or branches, both physical and/or remote. These organizations rely heavily on cloud services, high-speed WANs, POS systems, telecommunications platforms, and various endpoints to communicate and share data.

Traditionally, distributed enterprises have been retailers, banks, hospitals, and other physically dispersed organizations. However, the pandemic era of remote work has ushered in a whole new distributed enterprise scenario where employees collaborate from far off locales, operating in office spaces, apartments, and corner cafés. It’s wise to approach cybersecurity for remote and hybrid workforces in a similar way to distributed enterprises because protecting distributed enterprises merits extra care and a thoughtful approach to IT.

A distributed enterprise = more risk

Cybersecurity risks are steadily increasing as attacks become more sophisticated, more personalized, and, when successful, more debilitating. Distributed enterprises are especially vulnerable because of their large “attack surfaces” with many points of vulnerability. An enterprise’s attack surface comprises both the physical (actual devices or files that can be compromised in-person) and the digital (software, hardware, and applications that users use daily). The larger the attack surface, the more challenging it is to protect.

Distributed enterprises are also at higher risk because IT resources are typically centralized in one location, such as the headquarters, leaving other locations with few or no onsite IT resources. This can result in inconsistently enforced protocols, lapsed software updates, and an undisciplined approach to asset protection.

Remote work environments have proven to be even more challenging because employees may use personal devices not configured by IT, and they may work in vulnerable environments, such as public spaces with shared internet access. Complicating matters further, these employees are often on the move, presenting new challenges with every location.

Proactive protection

When it comes to choosing suitable cybersecurity solutions, scalability and flexibility are key. Any enterprise location could ramp up, scale back, open, or close unexpectedly—extreme weather events and the shifting pandemic landscape are recent examples. Having flexible and scalable solutions helps companies to expect the unexpected, navigate a dynamic environment, and mitigate impacts.

At Pacxa we integrate the following solutions and strategies to ensure that risks are proactively managed and won’t hinder growth:

  • Next-generation firewalls (NGFW). NGFWs take traditional firewalls to the next level with added, security-boosting features such as application-level inspection and intrusion prevention.
  • Centralized management. Centralized management is the practice of using central sets of tools, processes, and resources to manage cybersecurity. With this type of management, businesses gain visibility and ensure compliance.
  • Zero Trust model. Simply put, with a Zero Trust model, no user or device is trusted. Every user and device must be verified before gaining access to the resources on the network.

Pacxa has employed these and other cybersecurity strategies for our distributed enterprise clients to proactively protect against cyberthreats and enable them to successfully scale in the future. As organizations highly vulnerable to cyberattacks, distributed enterprises must utilize modern, scalable cybersecurity measures. Contact Pacxa today to ensure that your organization is protected.

The Importance of the Managed Service Provider in IT Consolidation

Authored by Doug Shimokawa, Senior Vice President

We’ve seen a growing need for IT consolidation, or the simplification of the technology environment (software, hardware, and services). Most enterprise IT departments aim to create a seamless, integrated environment that avoids waste and strives for optimum utilization. This creates a more streamlined process of managing, updating, and tracking tools within the enterprise, while leveraging resources more effectively, reducing IT costs, and ultimately adding value to the organization.

What is IT consolidation?

IT consolidation is generally part of an overall strategy to reduce the IT footprint in the enterprise environment. This trend makes sense for enterprises given the IT tools that are available and the dynamic nature of the businesses environment where flexibility and agility will continue to be key.

That said, while IT must be as unobtrusive as possible, organizations will want data access management tools that give them a holistic view across devices and geographies given the shift to hybrid work and constant looming specter of cybersecurity threats. This approach also helps to improve security posture with fewer tools to monitor and fewer vulnerabilities to address and patch.

The benefits of IT consolidation are many: increased efficiency, boosted cost savings, improved flexibility, and enhanced security, to name a few.

MSPs and IT consolidation

Like any major project, IT consolidation must happen through well-planned phases, from developing a strategy to measuring results. The process is complicated, requiring both expertise and manpower, resources that remain sparse in many organizations.

Enterprises are increasingly turning to managed service providers (MSPs) or third parties to support their consolidation efforts and manage their overall IT environments. Internal teams are already overburdened with remote work and cybersecurity challenges and don’t have time to focus on new or additional “surge” initiatives.

MSPs play the role of expert, filling in resource and knowledge gaps as needed. No organization, particularly those that are small with limited in-house resources, can possibly stay up to date on every facet of the evolving IT environment.

MSPs are available to companies of all sizes, regardless of industry, for all IT needs. Always at the cutting edge of available technology because they are constantly helping clients improve their environments, MSPs can serve as a gateway to and single point of contact for a wide range of partners (e.g., Microsoft, Oracle, etc.) that offer a variety of solutions. By working with an MSP on an ongoing basis, businesses receive best-in-class evaluation, recommendations, implementation, and management for IT consolidation and beyond.

Establishing a relationship with an MSP positions an enterprise for growth and flexibility. Enterprises that are now being proactive will reap the future benefits, ready to scale up or down without overhauling their systems.

Final thoughts

While worthwhile, IT consolidation is daunting, but MSPs help organizations demystify and decipher. Working with an MSP will ensure that enterprises can focus on what they do best for their clients, without having to worry about internal and external technology issues. A dynamic business environment coupled with uncertainty and untold opportunity makes this the ideal time for businesses of all sizes to prepare for the future and partner with an MSP.

Email alert icon

Stay Informed

Get alerts on tech news and announcements