Ransomware threat to SonicWall Customers

381

SonicWall that offers next generation firewalls and various Cybersecurity solutions has announced that its customers using certain products are at a risk of being cyber attacked with ransomware.

Therefore, customers using Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products are being urged to disconnect those devices from internet as they are on the verge of getting cyber attacked and injected with file encrypting malware as its 8.x firmware is going to reach its EOL aka End of Life.

Currently, there appears to be no mitigation solution to such EOL issues and the only thing the customer can do is to disconnect the device from the internet service. Otherwise, they can be targeted by a ransomware campaign that could spread the malware to the entire network.

As of now, there is no news on which ransomware group has specifically targeted SonicWall devices and whether any of the vulnerable devices were targeted by exploiting the firmware vulnerability.

Note 1- Security researchers from SonicWall suggest that all those devices that cannot be upgraded from 8.x to 9.x or 10.x firmware can use a complimentary virtual SMA 500v until the end of October this year. Also, they are being requested to reset all credentials associated with the SMA and SRA devices that have reached EOL. As it could put an end to a big trouble that is fast approaching.

Note 2- On January 21st, 2021, the California based company stated that it has become a target to a highly sophisticated cyber attack where threat actors exploited a zero-day vulnerability on SonicWall Secure remote access products to compromise some devices on a worldwide note.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security