BlackCSI Blog

Unsupported SonicWall Products Vulnerable to New Ransomware Attack

Unsupported SonicWall Products Vulnerable to New Ransomware Attack

A new ransomware threat has surfaced, this time targeting unpatched and end-of-life products in SonicWall’s line of Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. The threat is currently being exploited in the wild, so if you utilize these devices in your business, it is your responsibility to take action to mitigate damages caused by these ransomware attacks now.

SonicWall has been working with Mandiant and other trusted third parties to identify the nature of the threat, which uses stolen credentials to install ransomware on affected devices. This new ransomware threat is described as “imminent,” meaning that you absolutely need to take this seriously. If you don’t, you run the risk of ransomware threats ravaging your technology. Communication has been sent out from SonicWall to affected customers.

Thankfully, the vulnerability that allowed these attacks to occur has been patched in more recent versions of the firmware, although SonicWall does state in its notice, “SonicWall PSIRT strongly suggests that organizations still using 8.x firmware review the information below and take immediate action.” The “information below,” in this case, details which devices are affected, how they are affected, and what must be done to resolve these vulnerabilities. In most cases regarding devices that have reached their end of life, the company recommends taking affected devices offline and resetting all associated credentials, but in the case of devices which are still supported, updating to the most recent firmware should also do the trick. SonicWall also urges users to change passwords and enable multi-factor authentication.

SonicWall apparently understands that it is not always easy to upgrade away from legacy technology. In response to this threat, they issued the following statement: To provide a transition path for customers with end-of-life devices that cannot upgrade to 9.x or 10.x firmware, we’re providing a complimentary virtual SMA 500v until October 31, 2021. This should provide sufficient time to transition to a product that is actively maintained.” It must be mentioned that this is only a short-term solution, not a long-term one.

These types of threats that strike out at software and unsupported firmware which has reached its end of life are not uncommon. All good things must come to an end eventually, including your technology solutions. It is your responsibility to make sure that your organization is only using technology that is currently supported by its developers. Failing to do so is asking for trouble, and you are only shooting yourself in the foot by ignoring them in favor of using older technology.

**Keep in mind, if we’re managing your IT and cybersecurity infrastructure, we’re handling all of your security updates. If you aren’t sure, reach out to us to ensure your agreement covers this type of support.**

BlackCSI can help you address issues with your IT infrastructure where you might still be using older unsupported technologies. We can address any shortcomings with your network and handle the process of upgrading to better, more secure technology. To learn more, reach out to us at (717) 620-3042.

The “New Normal” Has More to Do with Technology th...
Attackers Have Successfully Hit the Nation’s Large...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, September 25, 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.blackcsi.com/

Latest News & Events

BlackCSI, a leading managed technology services provider (MTSP), recently shared that their robust cybersecurity solutions have protected their customers from consistent, daily attacks on small to mid-sized businesses. Unfortunately, this i...

Latest Blog

Employees come and go in the business world, so you should be prepared to handle this turnover when it happens. If your company does not have an adequate response to employee turnover, you could potentially put your business at risk. Here a...

Contact Us

Learn more about what BlackCSI
can do for your business.

(717) 620-3042

BlackCSI
507 N. York Street
Mechanicsburg, Pennsylvania 17055