SonicWall hit by a highly sophisticated cyber attack

SonicWall, an American networking products vendor has made an official announcement that it has become a victim of a highly sophisticated cyber attack on January 22, 2021. And news is out that hackers exploited the zero day vulnerability on SonicWall’s Net Extender VPN Client and Secure Mobile Access SMA Gateway to enter the corporate network.

However, a detailed inquiry later proved that the servers belonging to VPN Client remained unaffected in the incident and only the Gateway related resources were found to have been compromised.

Highly placed sources from SonicWall stated that the attack might have been carried by highly sophisticated threat actors, but did not feel the need to release the details of the suspects as the probe was still on.

In a couple of days from now, the firm that also offers cloud based products is planning to release a fix that has to be updated at the devices working at the corporate environments of the clients.

A notice on this note has been issued to all SMA 100 series customers via the official website, and pretty soon they a digital notification via email will also be sent.

Note 1- Previously, SonicWall served as a Dell Inc’s business subsidiary for almost 4 years and served its customers with a series of products ranging from network security to threat management and virtual private networks. After its departure with Dell, the company emerged into a new business as offered anti-spam services to company emails. From the year 2016, SonicWall has become a part of Francisco Partners and Elliott Management and is offering solutions as per the prevailing compliance laws such as HIPAA, and the Payment Card Industry Data Security Standard (PCl-DSS).

Note 2- New Zealand’s Computer Emergency Response Team or CERT has issued a warming to all businesses operating in its region about the possible zero day vulnerability lurking in the cyberspace.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display