SonicWall hacked via zero-day flaw in remote access tools

Sabina Weston

25 Jan, 2021

SonicWall has admitted that it’s been the target of a cyber attack which saw hackers take advantage of zero-day vulnerabilities in its secure remote access products.

The network security provider issued a statement confirming the incident after being contacted by SC Media, which received an anonymous tip that SonicWall’s systems had been breached.

The company stated that it had “identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products”.

The company didn’t specify when exactly the incident took place. CloudPro contacted SonicWall for a timeline of the attack but is yet to receive a response from the company.

Over the weekend, SonicWall issued an additional statement which ruled out that its NetExtender VPN Client product had been compromised, adding that the only products to remain under investigation are from the SMA 100 series which “provide Secure, Mobile and Remote Access” to SMBs. 

However, SonicWall clarified that, despite the investigation, all “SMA 100 series products may be used safely in common deployment use cases”.

The company also said that it “fully understands the challenges previous guidance had in a work-from-home environment, but the communicated steps were measured and purposeful in ensuring the safety and security of [its] global community of customers and partners”.

“As the front line of cyber defense, we have seen a dramatic surge in cyberattacks on governments and businesses, specifically on firms that provide critical infrastructure and security controls to those organizations,” it added.

Despite a decline in the number of security incidents, the last year was deemed as the worst for data breaches on record.

The news of the incident comes months after SonicWall released patches for a critical vulnerability in the SonicOS operating system, which is responsible for running SonicWall virtual private network (VPN) appliances.

Enterprise software to lead IT spending rebound in 2021

Sabina Weston

25 Jan, 2021

Enterprise software is expected to grow by 8.8% in 2021 as businesses seek to expand and improve remote work environments, according to new predictions from Gartner.

Global IT spending fell by 3.2% in 2020 as a result of the COVID pandemic, but the research firm expects spending this year to rise by 6.2% to a total of $3.9 trillion (£2.85 trillion) before surpassing the $4 trillion (£2.93 trillion) mark in 2022.

Enterprise software is expected to witness the strongest rebound followed by the devices segment, which is expected to see growth of 8% in 2021. Garner expects spending on data centre systems to increase by 6.2% during the 12-month period, while IT and communications services are predicted to grow by 6% and 4% respectively. 

Commenting on the predictions, Gartner distinguished research VP John-David Lovelock said that CIOs “have a balancing act to perform in 2021 — saving cash and expanding IT”.

“With the economy returning to a level of certainty, companies are investing in IT in a manner consistent with their expectations for growth, not their current revenue levels. Digital business, led by projects with a short Time to Value, will get more money and board-level attention going into 2021,” he added.

Gartner also projects that, through 2024, businesses will be forced to accelerate their digital transformation plans by at least five years in order to survive in a post-COVID world, where remote work and digital touchpoints will be the norm.

“Digital business represents the dominant technology trend in late 2020 and early 2021 with areas such as cloud computing, core business applications, security and customer experience at the forefront,” said Lovelock. 

“Optimisation initiatives, such as hyperautomation, will continue and the focus of these projects will remain on returning cash and eliminating work from processes, not just tasks.”

Moreover, non-COVID-19 geopolitical factors are expected to inhibit recovery for some regions, such as Brexit for the UK and the difficult China-US relations.

Microsoft and SAP expand partnership due to increase in digital transformation

Bobby Hellard

25 Jan, 2021

SAP has announced plans to integrate Microsoft Teams into its suite of services to help customers migrate to the cloud.

The two tech firms share an existing strategic partnership which now includes a formalised plan to accelerate the adoption of SAP S/4HANA on Azure.

The extension of the partnership will focus on simplifying cloud journeys for SAP customers. The increase in adoption of video conferencing services last year saw Microsoft Teams surpass 75 million active users, and as a result, Microsoft and SAP have announced plans to build new integrations between Teams and SAP services, such as S/4HANA.

The integrations are planned for the middle of 2021 and the hope is that it boosts innovation, increases productivity and supports business growth.

“New ways of working, collaborating and interacting completely transform how we operate,” said Christian Klein, CEO of SAP. “By integrating Microsoft Teams across our solution portfolio, we will bring collaboration to the next level, jointly determining the future of work and enabling the frictionless enterprise.

“Our trusted partnership with Microsoft is focused on continuously advancing customer success. That’s why we are also expanding interoperability with Azure.”

The Azure expansion builds upon a partnership forged in 2016. The two firms want to introduce new capabilities around cloud automation for both HANA and Azure in order to simplify cloud migration and digital transformation – both of which are now priorities for businesses in all sectors around the world.

It will feature SAP, Microsoft and system integrator partners providing digital enterprise roadmaps for customers, which includes immediate and actionable reference architectures and technical guidance to aid their journey to the cloud.

There will also be increased investments in platform and infrastructure, such as further development of automated migrations, improved operations, monitoring and security.

“The case for digital transformation has never been more urgent,” said Microsoft CEO Satya Nadella. “By bringing together the power of Azure and Teams with SAP’s solutions, we will help more organisations harness the power of the cloud so they can more quickly adapt and innovate going forward.”

IBM suffers its sharpest revenue decline for five years

Bobby Hellard

22 Jan, 2021

IBM has reported its sharpest revenue decline for five years with a 6% drop in the fourth quarter of 2020.

Chairman and CEO Arvind Krishna remained bullish that IBM’s recent strategical changes would come good by the end of the year, but the company’s latest financial report was much lower than expected.

IBM’s cloud business brought in $7.5 billion during Q4, a 10% increase from the previous quarter. Revenue from Red Hat also increased by 19%, and the firm revealed that its debt was reduced by $3.9 billion. However, this wasn’t enough to raise overall revenues, which dropped 6% with $20.4 billion brought in between October and December. 

“We made progress in 2020 growing our hybrid cloud platform as the foundation for our clients’ digital transformations while dealing with the broader uncertainty of the macro environment,” said Krishna. “The actions we are taking to focus on hybrid cloud and AI will take hold, giving us the confidence we can achieve revenue growth in 2021.”

IBM’s yearly figures were just as concerning, with revenue coming in at $73.6 billion, a 5% drop from 2019. Again, Red Hat and Cloud revenues were positive but not enough to change the overall financial outlook. 

The tech giant is a little bit of an anomaly in that its one of the few cloud providers to report such big losses during the pandemic. The likes of Amazon, Microsoft and Google have posted increased revenues due to the greater need for cloud computing services, and newer challengers like Alibaba have also gained market share thanks to the so-called ‘new normal’. 

IBM and Krishna will rightly point to the company’s recent structural changes and acquisitions that are clearly long-term strategies. The acquisition of Red Hat is already providing revenues increases and the firm is an active buyer of hybrid cloud businesses – to date, Krishna’s tenure has seen nine acquisitions, which is roughly one for each month he has been in charge. 

Ultimately, the big play is the decision to split its operation into two business units. Krishna will focus on cloud computing and a new company will deal with its infrastructure business. The spin-off is set to be completed by the end of the year but IBM might have to weather more financial turbulence in the meantime. 

Google Chrome makes it easier to fix weak passwords

Sabina Weston

21 Jan, 2021

Google Chrome users will now be able to check which passwords should be updated with stronger combinations using a new tool for Chrome 88.

The feature makes it easier to identify and fix weak passwords by scanning the combinations stored in Chrome’s password manager and highlighting the ones which could be easily breached.

Once they are identified, Chrome will allow users to edit the passwords and even facilitate the process by generating a stronger combination.

Commenting on the new feature, Chrome product manager Ali Sarraf said that Google is “excited to announce new updates” that will provide users with “even greater control over your passwords”.

“We’ve all had moments where we’ve rushed to set up a new login, choosing a simple “name-of-your-pet” password to get set up quickly. However, weak passwords expose you to security risks and should be avoided. In Chrome 88, you can now complete a simple check to identify any weak passwords and take action easily,” he added.

According to Sarraf, the new tool will be rolled out over the coming weeks as users upgrade to the Chrome 88 browser version. Once the browser is updated, users can access the tool by going to Settings > Passwords > Check passwords > Check Now to perform a safety check of their passwords. They can then click the “Review” button to replace the saved password with a stronger combination.

Sarraf also added that Google will continue to introduce additional password features “throughout 2021”.

The new tool is an addition to Chrome’s “Check passwords” feature, which allows users to check whether any of their saved passwords had been compromised.

The feature was rolled out after a similar tool, Firefox Monitor, became available on Mozilla’s own browser in September 2018. The system works by scanning users’ email address against a database of information confirmed to have been leaked in security breaches. If it has been marked as potentially stolen by hackers, Mozilla will then notify the user, who can change their username and passwords as a precaution.

In May 2019, the company also released Firefox Lockwise, which uses 256-bit encryption to allow users to access their saved passwords in Firefox from anywhere.

SolarWinds hackers hit Malwarebytes through Microsoft exploit

Keumars Afifi-Sabet

20 Jan, 2021

Malwarebytes has said that the same state-backed cyber gang that attacked SolarWinds in December was able to access internal emails by using an exploit in Microsoft 365.

The hackers gained limited access to internal Malwarebytes emails, according to CEO Marcin Kleczynski, by abusing applications with privileged access to Microsoft 365 and Azure environments.

The security firm first became aware of the threat after the Microsoft Security Response Centre (MSRC) discovered unusual activity in a third-party application sat inside the Microsoft 365 suite. Microsoft had been examining its Office 365 and Azure systems for signs of compromise at the time, while details of the SolarWinds attack were also beginning to emerge.

The attackers demonstrated similar techniques and procedures to those used in the SolarWinds compromise. In this case, however, they abused a dormant email protection product within the firm’s Office 365 tenant. This granted the attackers access to a limited subset of internal emails.

The attackers, however, failed to access or compromise Malwarebytes’ source code, and the company has declared that its products were safe to use at all times.

“While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor,” Kleczynski said.

“After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails. We found no evidence of unauthorized access or compromise in any of our internal on-premises and production environments.”

The specific exploit mechanism is based on an Azure Active Directory flaw uncovered in 2019, which Fox-IT researcher Dirk-jan Mollema demonstrated could be exploited to escalate privileges by assigning credentials to applications.

An early January report published by the US Cybersecurity and Infrastructure Security Agency (CISA) also revealed how attackers may have obtained access to Microsoft 365 apps by password spraying, in addition to exploiting administrative credentials.

In the Malwarebytes attack, the hackers added a self-signed certificate with credentials to the service principal account. From there, they were able to authenticate using the key and make API calls to request emails through MSGraph.

The SolarWinds breach was certainly one of the most significant security incidents of last year and carries wide-reaching implications for the industry. Since the turn of the year, it’s been revealed that the attackers accessed Microsoft source code in the breach, and had even first breached SolarWinds’ systems as far back as September 2019.

WhatsApp delays controversial privacy update for businesses

Sabina Weston

18 Jan, 2021

WhatsApp has announced that it will delay the rollout of new privacy terms which were supposed to come into effect next month.

The update, which was presented to users on a ‘take it or leave it’ basis, was designed to allow businesses to manage WhatsApp chats using new Facebook integrations. Users, therefore, were asked to share certain aspects of their data with WhatsApp’s parent company Facebook if they still wished to continue using the platform.

However, the plans were met by a backlash sufficient enough to make WhatsApp delay the implementation of the update by over three months, with the rollout pushed back from 8 February to 15 May.

“We’re now moving back the date on which people will be asked to review and accept the terms,” the company announced on its blog, before adding that “no one will have their account suspended or deleted on February 8”. 

“We’re also going to do a lot more to clear up the misinformation around how privacy and security works on WhatsApp. We’ll then go to people gradually to review the policy at their own pace before new business options are available on May 15,” it said.

WhatsApp’s decision to forcefully implement its updated terms and conditions resulted in a number of users fleeing the service, with many choosing to seek privacy solace in the arms of the messaging platform’s competitors.

This caused temporary infrastructure issues for encrypted messaging service Signal, which on Friday saw its servers overwhelmed due to the sudden rush of new users.

“We have been adding new servers and extra capacity at a record pace every single day this week nonstop, but today exceeded even our most optimistic projections. Millions upon millions of new users are sending a message that privacy matters. We appreciate your patience,” the company announced via Twitter.

While the change to WhatsApp’s terms and conditions won’t affect those in the UK or Europe specifically, a pop-up notification still appeared on the app for everyone – bringing fears over the security and privacy of bring your own device (BYOD) policies again to the fore.

Rowan Troy, cyber security consultant at managed IT provider Littlefish, advised organisations to “exercise caution” when allowing the use of consumer communication tools such as WhatsApp.

“The new data-sharing agreement between WhatsApp and Facebook might increase the risk of personal data being shared that contradicts company policy or compliance legislation relevant to the organisation,” he said.

Nokia and Google to co-develop cloud-native 5G solutions

Praharsha Anand

19 Jan, 2021

Google Cloud and Nokia are teaming up to develop cloud-native 5G solutions for communications service providers and enterprise customers.

The new partnership also focuses on modernising network infrastructures and developing network edge as a business services platform for enterprises. Furthermore, the companies will co-innovate solutions to help CSPs deliver 5G connectivity and services at scale.

“Communications service providers have a tremendous opportunity ahead of them to support businesses’ digital transformations at the network edge through both 5G connectivity and cloud-native applications and capabilities,” said George Nazi, VP, telco, media and entertainment industry solutions at Google Cloud. 

“Doing so requires modernized infrastructure, built for a cloud-native 5G core, and we’re proud to partner with Nokia to help the telecommunications industry expand and support these customers.”

As part of their strategic collaboration, Nokia will integrate its voice core, cloud packet core, network exposure function, data management, signalling, and 5G core technologies into Google’s services. Nokia will also include its IMPACT IoT Connected Device Platform, which allows for the remote management of IoT devices, and Converged Charging solution for real-time rating and charging capabilities.

Google Cloud’s Anthos will serve as the platform for deploying applications, enabling CSPs to build services across the network edge, carrier networks, and public or private clouds. What’s more, by delivering cloud-native applications at the edge, businesses can lower network latency and eliminate the need for costly, on-site infrastructure. 

Nokia cloud and network services CTO Ron Haberman adds, “In the past five years, the telecom industry has evolved from physical appliances to virtual network functions and now cloud-native solutions.

“Nokia is excited to work with Google Cloud in service of our customers, both CSPs and enterprise, to provide choice and freedom to run workloads on premise and in the public cloud. Cloud-native network functions and automation will enable new agility and use-cases in the 5G era.”

Citrix ‘set to acquire’ Wrike in record $2bn takeover

Keumars Afifi-Sabet

18 Jan, 2021

Citrix Systems is in talks to buy the collaborative work management platform Wrike for a reported $2 billion (approximately £1.5 billion) in what might become the company’s largest acquisition in its history.

The virtualisation company may close a deal with the owners of Wrike, Vista Equity Partners, as soon as this week, according to Bloomberg. This deal potentially adds another tool to Citrix’s arsenal as the firm aims to become a major player in the collaboration space.

Talks are reportedly ongoing with nothing finalised, according to those questioned by the publication, and discussions could yet collapse at any stage.

While Citrix already develops cloud-based products that allow employees to work remotely and keep in touch with their colleagues, integrating collaboration software such as that developed by Wrike would allow the company to go one step further.

Wrike develops workplace collaboration software that incorporates elements such as planning, workflow management and project management. The core platform is also supported by a host of integrations with technologies developed by the likes of Box, Salesforce, Microsoft, Google and Slack.

Of the firm’s more than 20,000 customers are several high-profile customers including Walmart and Nickelodeon in the US. Wrike’s competitors, meanwhile, include Trello and Slack Technologies, which were each recently purchased in major deals by Atlassian and Salesforce respectively.

Should the acquisition go through at the reported $2 billion figure, it’ll become the largest in the company’s history. The firm previously acquired the micro-app developer Sapho in November 2018 for $200 million (roughly £150 million). Prior to that, in February 2018, Citrix bought the web traffic management firm Cedexis for an undisclosed fee.

Citrix has been on a mission to define the “future of work” for several years, and integrating a collaboration platform into the firm’s core Workspace service would naturally fit into this strategy. The popularity of this kind of software has certainly surged during 2020, however, due to COVID-19 and its effect on encouraging remote working.

CloudPro approached Citrix for a comment on the reports, but the company didn’t respond at the time of publication.

Zoom plans to raise $1.75 billion in new stock offering

Bobby Hellard

14 Jan, 2021

Zoom has announced a plan to raise $1.75 billion (roughly £1.28 billion) for an underwritten public offering, which it expects to close on Friday. 

The price of the secondary share sale puts the company’s stock value up 10 times above where it debuted in 2019.

In connection with the offering, Zoom has granted the underwriter a 30-day option to purchase up to an additional 735,294 shares of its Class A common stock at the public offering price. It is now assuming a share price of £337.71 based on Monday’s closing value. US bank J.P. Morgan will act as the sole book-running manager for the offering.

It is thought that the secondary sale will provide the company with more capital to make acquisition deals more attractive to potential targets. The firm has said it may use a portion of its net proceeds for “acquisitions and strategic investments”. 

The video conferencing platform is seen as the breakout service of 2020, with mass adoption and 355% growth fueled by the greater need to work remotely. Alongside its IPO announcement, Zoom has also revealed that it sold one million Zoom Phone seats just before the product’s second anniversary. 

Zoom Phone is a core service in the company’s unified communications platform, along with Zoom Meetings, Zoom Chat, Zoom Rooms, and Zoom Video Webinars. It comes with features such as centralised management, contact centre integration, and global call routing.

Within the two-years that it has been generally available, it’s now used in dozens of countries and territories around the world.

“We are excited to see this level of uptake in such a short timeframe,” said Graeme Geddes, head of Zoom Phone. “Our customers have come to rely on Zoom to deliver amazing video and audio for them at scale, and they’re seeing tremendous value in consolidating and modernising their telephony services with us as well. This milestone really speaks to the level of trust we have built with our customers.”