BlackCSI Blog

BlackCSI has been serving the Pennsylvania area since 2002, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Unsupported SonicWall Products Vulnerable to New Ransomware Attack

Unsupported SonicWall Products Vulnerable to New Ransomware Attack

A new ransomware threat has surfaced, this time targeting unpatched and end-of-life products in SonicWall’s line of Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. The threat is currently being exploited in the wild, so if you utilize these devices in your business, it is your responsibility to take action to mitigate damages caused by these ransomware attacks now.

SonicWall has been working with Mandiant and other trusted third parties to identify the nature of the threat, which uses stolen credentials to install ransomware on affected devices. This new ransomware threat is described as “imminent,” meaning that you absolutely need to take this seriously. If you don’t, you run the risk of ransomware threats ravaging your technology. Communication has been sent out from SonicWall to affected customers.

Thankfully, the vulnerability that allowed these attacks to occur has been patched in more recent versions of the firmware, although SonicWall does state in its notice, “SonicWall PSIRT strongly suggests that organizations still using 8.x firmware review the information below and take immediate action.” The “information below,” in this case, details which devices are affected, how they are affected, and what must be done to resolve these vulnerabilities. In most cases regarding devices that have reached their end of life, the company recommends taking affected devices offline and resetting all associated credentials, but in the case of devices which are still supported, updating to the most recent firmware should also do the trick. SonicWall also urges users to change passwords and enable multi-factor authentication.

SonicWall apparently understands that it is not always easy to upgrade away from legacy technology. In response to this threat, they issued the following statement: To provide a transition path for customers with end-of-life devices that cannot upgrade to 9.x or 10.x firmware, we’re providing a complimentary virtual SMA 500v until October 31, 2021. This should provide sufficient time to transition to a product that is actively maintained.” It must be mentioned that this is only a short-term solution, not a long-term one.

These types of threats that strike out at software and unsupported firmware which has reached its end of life are not uncommon. All good things must come to an end eventually, including your technology solutions. It is your responsibility to make sure that your organization is only using technology that is currently supported by its developers. Failing to do so is asking for trouble, and you are only shooting yourself in the foot by ignoring them in favor of using older technology.

**Keep in mind, if we’re managing your IT and cybersecurity infrastructure, we’re handling all of your security updates. If you aren’t sure, reach out to us to ensure your agreement covers this type of support.**

BlackCSI can help you address issues with your IT infrastructure where you might still be using older unsupported technologies. We can address any shortcomings with your network and handle the process of upgrading to better, more secure technology. To learn more, reach out to us at (717) 620-3042.

The “New Normal” Has More to Do with Technology th...
Attackers Have Successfully Hit the Nation’s Large...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Wednesday, October 04, 2023

Captcha Image

Latest News & Events

BlackCSI, a leading Managed Technology Services Provider (MTSP), announced today that the company is protecting small to medium-sized businesses (SMBs) from the latest style of cyberattack. While phishing has long been a method used by cybe...

Latest Blog

Cyberattacks are nothing to take lightly. Every year, they cause millions of dollars of damage to unprepared and unprotected businesses, which leads to many of these businesses’ failure. Let’s talk about what ultimately causes cyberattacks,...

Contact Us

Learn more about what BlackCSI
can do for your business.

(717) 620-3042

507 N. York Street
Mechanicsburg, Pennsylvania 17055