August 2019 Colin Gracie- SONICWALL

MID-YEAR UPDATE | JULY 2019 2019 SONICWALL CYBER THREAT REPORT Arm Your Business with the Latest Threat Intelligence from the First Half of 2019 SONICWALL CAPTURE LABS 1 MILLION + THREAT NETWORK Sensors 215 + Countries & Territories

24 x 7 x 365 Monitoring

< 24 HOURS Threat Response

140K + Samples Collected Daily

28M + Attacks Blocked Daily 2019 GLOBAL CYBER ARMS RACE

20181H 20191H

SonicWall recorded more than 4.78 billion malware attacks for the first half of 2019 a 20% year-to-date 5.99 — Billion decrease. 4.78 Billion Global malware volume dips to start 2019, but other attack types rebound. MALW ARE INTRUSION W EB APP RANSOMW ARE IOT ENCRYPTED CYBERATTACK TRENDS ATTACKS ATTEMPTS ATTACKS ATTACKS MALW ARE THREATS

76% 55% As global malware 11% 15% volume declines, 4% other attack types increase during -20% the first half of 2019.

4.8 BILLION 2.0 TRILLION 19.2 MILLION 110.9 MILLION 13.5 MILLION 2.5 MILLION 2019 MALWARE VOLUME: TOP GLOBAL COUNTRIES

Malware attacks are largely down in 2019 with a few exceptions.

India (25%), Switzerland (72%) and the Netherlands (3%) were the top countries that suffered increased malware activity. STILL RISING

Ransomware Volume YTD 110.9 Million Ransomware Attacks 1H 2018 1H 2019 Change

U.K. 2.2M 6.4M +195% Ransomware continues to pay dividends for cybercriminals. Global 96.6M 110.9M +15% All told, global ransomware volume U.S. 52.5M 41.7M -21% reached 110.9 million for the first half of 2019, a 15% year-to-date increase. India 1.0M 382K -62%

Germany 5.4M 1.6M -71% RaaS THE EXPLOIT KIT OF CHOICE IN 2019

Globally, cybercriminals are pivoting toward new attack types. Exclusive SonicWall data highlights an escalation in ransomware-as-a-service (RaaS) and open-source malware kits in the first half of 2019.

2018 1H 2019 FAMILY VOLUME TYPE FAMILY VOLUME TYPE Cerber 101.6 Million RaaS Cerber 39.5 Million RaaS BadRabbit 7.8 Million Custom Gandcrab 4.0 Million RaaS Dharma 7.34 Million Custom HiddenTear 4.0 Million Open Source LockyCrypt 6.1 Million Custom CryptoJoker 2.4 Million Open Source CryptoJoker 5.6 Million Open Source Locky 1.8 Million Custom Locky 2.4 Million Custom Dharma 1.5 Million Custom 1.9 Million Custom ATTACKS AGAINST NON-STANDARD PORTS STILL A CONCERN

An average of 13% of malware attacks came across non-standard ports for the first half of 2019.

Traditional proxy-based firewalls can’t mitigate attacks over non- standard ports (for both encrypted and non-encrypted traffic). ENCRYPTED THREATS INTENSIFYING

76% 2.4 Million Encrypted Attacks

Through the first six months of 2019, SonicWall has logged 2.4 million encrypted attacks, almost eclipsing the 2018 full-year total in half the time. MACHINE LEARNING, MULTI-ENGINE SANDBOXES ARE ‘MUST-HAVES’ IN 2019

SonicWall Capture ATP sandbox and RTDMITM technology have been dynamically self-learning since early 2018.

In 2019, Capture ATP discovered and blocked 194,171 new attack variants, a 45% year-to-date increase over 2018.

Of that, RTDMITM identified 74,360 ‘never-before-seen’ malware variants in 2019. MALICIOUS PDFs, OFFICE FILES REMAIN DANGEROUS THREAT TO BUSINESSES

SonicWall ATP found new malware variants hidden in 33,616 PDFs and Office files in the first half of 2019.

After malicious PDF and Office file attacks peaked at 39% in Q1, volume dropped in Q2. BITCOIN RUN KEEPING CRYPTOJACKING IN PLAY

52.7 Million SonicWall’s patent-pending Real-Time Deep Memory Cryptojacking InspectionTM (RTDMI) Attacks mitigates dangerous side- channel attacks utilizing patent-pending technology. Halfway through 2019, bitcoin is surging again and is helping Side-channels are the fundamental vehicle used to cryptojacking stay relevant as a exploit and exfiltrate data lucrative option for cybercriminals. from processor vulnerabilities, such as Foreshadow, Volume passed 52.7 million for PortSmash, Meltdown, the first six months of the year, Spectre and Spoiler. a 9% increase over the last six months of 2018. IOT ATTACKS ESCALATING

In the first half of 2019, SonicWall has already logged 13.5 million IoT attacks, which outpaces the first two quarters of 2018 by 54.6%. GLOBAL PHISHING TRENDING DOWN

So far in 2019, SonicWall recorded 8.3 million phishing attacks worldwide, a 19% dip year to date. This is our mission. To promote global awareness and facilitate important dialogues, SonicWall remains steadfast in its commitment to research, analyze and share threat intelligence. Get the 2019 mid-year update.

Exclusive cyber threat intelligence and analysis. Only from SonicWall Capture Labs. SonicWall.com/ThreatReport SONICWALL WIRELESS Wireless Device Billions of IoT Devices ExplosionOf very large businesses said Some analyst firms have securing corporate data on Moremobile than devices 20 billion was Wi-Fi their most predicted there will be 50 chipsetsimportant expected mobile tosecurity ship billion IoT devices by 2020 betweenobjective. 20161 and 2021 More than 95% of devices shipped in 2021 to support 5GHz – ABI Research Move to the Cloud Increasing reliance on cloud apps. In North America, 70% of all organizations use at least one cloud-based application

New 2x2 802.11ac Wave 2 Access Points 2019 Wireless Release

Deployment & Platform Refresh SonicOS Features Management

SonicWave SonicWave SonicWave 231c 224w 231o WiFi Planner SonicWave 200 series (802.11ac wave2)

SonicOS 6.5.4 Wireless Features SonicWiFi WiFi Cloud Mobile App - Mesh Networking Manager - BLE Capture Security Center 21 WiFi Controller Firewall Cloud (FY’20)

AP Management AP Management Firewall CSC FW Firewall CSC FW Direct UI Mgmt. Direct UI Mgmt.

On-Prem. CSC Available On-Prem. CSC Wireless 22 GMS Not Available GMS Wireless iOS & SonicWiFi Mobile App Android Easy Onboarding

1. Launch Mobile App

2. Login with MSW credentials (2FA)

3. Scan QR code

4. Register SonicWave APs

Available for SonicWave 400 and 200 Series

23 Use Cases

Remote/Branch locations Education Retail

Advanced Secure Cloud WiFi

Capture ATP CFS 24 Use Cases

Hospitality Mobility Parks and outdoor fields

25 Tenant Info: Wireless Dashboard Dashboard view per location for - Locations - Past 24 hours - Total Access Points - Past 7 days - Total clients - Past 30 days Menu bar: - Traffic (U/D) - Overview - Alerts Per Location Info: - Hierarchy - Total APs - Zones - Total Clients - Policies - Total clients - Devices - Traffic (U/D)

WiFi Planner (Available to All)

Top traffic used by: - AP - Clients - Zones - SSIDs 26 Cloud App Security Software as a Service (SaaS) Threat Landscape

Targeted Phishing Credential Compromises Data Security

Shared Responsibility Model for SaaS Data Security & Compliance Customer User & Device Access Responsibility Application Security Cloud Service Network Security Provider Infrastructure Security Responsibility

Malware Unauthorized Sensitive file Compliance propagation sharing uploads

Email is the # 1 Threat Vector SaaS credentials are the crown jewels Data & access are customer responsibility Industry Growth and Customer Risk

“Global Application Security market is estimated at $2.35 billion in 2016 and is expected to reach $10.26 billion by 2023 growing at a CAGR of 23.4% from 2016 to 2023.” – Reuters, Orbis Research “..we expect spending on global cloud security solutions to reach $3.5 billion by 2021 — an annual growth rate of 28% over the next five years.” - Forrester “By 2020, 60% of large enterprises will use a CASB to govern cloud services, up from less than 10% today.” - Gartner “Through 2020, at least 99% of cloud security failures will be the customer's fault.” - Gartner Cloud Adoption Trends

Through 2023, at least 99% of cloud security failures will be the customer’s fault.

End-user spending for the information security market is estimated to grow at a compound annual growth rate of 8.5% from 2017 through 2022 to reach $170 billion in constant currency. The CASB segment was the fastest growing, at a growth rate of 46% CAGR from 2017 to 2022. Data Stored in the Cloud is Customer’s Responsibility

“You will be solely “You're responsible for your responsible for conduct and Your Stuff. Dropbox syncs any files added to it. If someone adds files with a maintaining appropriate virus or malicious security protection and backup copies of the Content, which may include, your use of additional software, that file syncs to any computers encryption technology to protect the Content from linked to the account. ” unauthorized access.” Solving the Challenges Product Definition

1. Visibility & Control: Identify & control all the cloud services used by an organization's employees 2. Compliance: Help organizations demonstrate that they are governing the use of cloud services 3. Threat Protection: Deploy solution designed for the cloud that includes sandboxing and user behavior analysis 4. Data Security: Provide role-based policy tools, data classification, and loss prevention technologies 5. Next-Gen Email Security: Block targeted phishing attacks that are designed to bypass native security of Office 365 and G Suite Next-Gen Security – Account Takeover Prevention

• Cloud App Security monitors 100+ events such as • "Superman" logins • Unusual number of devices • Internal phishing/malicious emails • Multiple failed login • Uses Machine Learning algorithm to find attacks • Identifies attacks in real time and historical attacks Customer Profile (Any Vertical) Customer Challenges: • Ability to stop targeted Office 365 phishing attacks Demographics: 100 – Limited control over data residing in the cloud 5000 employees with • multiple branch and - OneDrive, SharePoint Online, MS Teams, SFDC home offices Scenario: IT has • Protect credentials from being stolen and account deployed compromises • Office 365 • Salesforce.com and • Maintain consistent data security policies for all Box cloud apps – O365, G Suite, Box, Dropbox, SFDC • G Suite and #Slack used • Email security gateway is in place SonicWall Solution – Cloud App Security Protect email, data and user credentials for Office 365, G Suite and other SaaS apps

Next-Gen Security for SaaS Apps Anti-phishing Ransomware & Zero day protection Account Takeover Protection DLP & Compliance SonicWall Cloud App Security

Cloud native APIs Thank You