SonicWall says it was victim of ‘sophisticated’ hack


It wasn’t clear if the SonicWall breach was related to the recent cyberattack against US government agencies and companies – including cybersecurity firms – by suspected Russian hackers, which authorities have described as sophisticated. — Bloomberg

The cybersecurity company SonicWall Inc said it was the victim of a coordinated attack on its internal systems by “highly sophisticated” hackers.

The Silicon Valley-based company said it’s investigating a compromise in its Secure Mobile Access 100 series, which “simplifies end-to-end secure remote access to corporate resources”, according to the company website.

SonicWall had previously said its NetExtender VPN client version 10x may also have been compromised, but the company ruled that out in an updated statement on Saturday. It also said SonicWall firewalls, SMA 1000 series and SonicWave access points aren’t affected.

The company is still investigating whether attackers exploited a so-called “zero day” – a newly discovered software flaw – in the SMA 100 series product.

Shevaun Betzler, a company spokesperson, said that a few thousand devices have been impacted.

It wasn’t clear if the SonicWall breach was related to the recent cyberattack against US government agencies and companies – including cybersecurity firms – by suspected Russian hackers, which authorities have described as sophisticated.

The initial discovery of that attack in December determined that the hackers had breached widely used software by Texas-based SolarWinds Corp.

As many as 18,000 SolarWinds customers received the malicious code in updates of the company’s Orion software, though it’s believed that hackers initiated further attacks on far fewer entities.

However, the hackers used other methods to infiltrate computer networks, some of which have recently been disclosed. For instance, the cybersecurity company Malwarebytes Inc said on Jan 19 that it had been targeted by the suspected Russian hackers who abused “applications with privileged access to Microsoft Office 365 and Azure environments”. – Bloomberg

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 18
Cxense type: free
User access status: 3
   

Did you find this article insightful?

Yes
No

Next In Tech News

Facebook removes Thai military-linked information influencing accounts
Explainer: How brands will target ads to you after the death of browser cookies
Parler sues Amazon again, after dropping original lawsuit
Google won't use other web tracking tools after phasing out cookies
European telcos cash in on tower assets as high-cost 5G investment looms
Emerging Europe.com bolsters defences as Amazon enters Poland
Labour rights issue at forefront of Spain’s gig economy with potential regulation
Musk floats ‘Starbase’ name change for Texas launch town
Number of Germany's electric vehicle charge points rise 10% since December
Air-taxi startup Volocopter boosts funds in race to get flying

Stories You'll Enjoy


Vouchers