Another ransomware threat is out and about, this time targeting unpatched and end-of-life products in SonicWall’s Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. To make things worse, the threat is currently being used, so businesses utilizing these devices must take action now to limit how much damage this ransomware can do.
SonicWall, along with Mandiant and other trusted third parties, worked to determine the nature of the threat. This threat uses stolen credentials to install ransomware on vulnerable devices, and since it is described as “imminent,” you know it’s bad. If you don’t take immediate action, ransomware threats could become extremely problematic for your organization. SonicWall has been in communication with its affected customers to inform them of the vulnerability.
There is a spot of good news here, though. The vulnerability that allows these vulnerabilities to be taken advantage of is in an older version of the firmware, so those who are using more recent versions of the firmware should have had it already patched. SonicWall details this in its notice: “SonicWall PSIRT strongly suggests that organizations still using 8.x firmware review the information below and take immediate action.” In this case, SonicWall is detailing the devices that are affected by the vulnerability, how they are affected, and their recommended course of action. If the device has reached its end of life, SonicWall urges companies to take the device offline and reset all of its associated credentials, but if devices are still supported, then updating the firmware should be enough to shore up the vulnerability. In addition, SonicWall also urges users to change passwords and enable multi-factor authentication.
Anyone using legacy technology knows the struggle of upgrading away from it to more recent hardware, and SonicWall is prepared for this. SonicWall issued this statement for customers who just can’t seem to let go of their older technology: “To provide a transition path for customers with end-of-life devices that cannot upgrade to 9.x or 10.x firmware, we’re providing a complimentary virtual SMA 500v until October 31, 2021. This should provide sufficient time to transition to a product that is actively maintained.” This is, of course, a short-term fix; the long-term fix is to equip yourself with new hardware.
These threats that take advantage of unsupported firmware and software that have reached their end of life are not particularly uncommon, so it’s important that your organization makes plans to upgrade away from technology that is creeping up on its end of life. If you don’t do this, you’ll get situations like the above where hackers start taking advantage of unsupported technology, thereby putting your company at risk.
**Keep in mind, if we’re managing your IT and cybersecurity infrastructure, we’re handling all of your security updates. If you aren’t sure, reach out to us to ensure your agreement covers this type of support.**
If you have any questions or concerns about unsupported software or maintaining your technology infrastructure as a whole, FRS Pros is happy to help. To learn more about how we can make managing your technology easier, reach out to us at 561-795-2000.