SonicWall Alerts of Imminent Ransomware Campaign

It has been reported that security vendor SonicWall is warning customers to patch its enterprise secure VPN hardware to thwart an “imminent ransomware campaign using stolen credentials” that are exploiting security holes in current models and those running legacy firmware. Targeted are the company’s Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) secure VPN appliances with both unpatched and end-of-life (EoL) 8.x firmware. In a Thursday security notice, the company reported that researchers at Mandiant identified “threat actors actively targeting” three SMA 100 models and nine older SRA-series secure VPN products no longer supported by SonicWall.

Experts Comments

July 16, 2021
Andy Norton
European Cyber Risk Officer
Armis

The immediate requirement for SonicWall customers is now to profile their asset estate for SMA and SRA 100 devices and to take appropriate isolation action until the patch can be applied or the devices can be retired from service. The Cybersecurity Infrastructure Agency, CISA, under the new "StopRansomware" campaign has just announced guidance to stop two bad practises that aid the spread of ransomware. The first of which highlights that the use of unsupported (or end-of-life) software in

.....Read More

The immediate requirement for SonicWall customers is now to profile their asset estate for SMA and SRA 100 devices and to take appropriate isolation action until the patch can be applied or the devices can be retired from service. The Cybersecurity Infrastructure Agency, CISA, under the new "StopRansomware" campaign has just announced guidance to stop two bad practises that aid the spread of ransomware. The first of which highlights that the use of unsupported (or end-of-life) software in service of Critical Infrastructure and National Critical Functions is dangerous and significantly elevates risk to national security, national economic security, and national public health and safety. This dangerous practice is especially egregious in internet-accessible technologies. This SonicWall announcement ticks the CISA box for 75% of the models that are under attack.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.